Analysis and research on active and passive Monero-like mining
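Shi Boxuan (史博轩)¹, Mao Hongliang (毛洪亮)¹, Lin Shenwen (林绅文)¹
Author information
- 1. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029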
Abstract
[Purpose/Significance] Monero-like mining typically mines virtual currency illegally by infecting host computers to obtain illicit income, which has a series of impacts on network security and data security. [Method/Process] To address the difficulty of distinguishing active from passive mining of Monero-like virtual currencies, a detection and analysis method for Monero-like mining that covers both plaintext and ciphertext is proposed. By analyzing the Monero-like mining communication protocol, a behavior detection method is designed to extract feature information, including hash rate, number of accounts, number of submissions, and mining pool information, which are combined in a comprehensive calculation to judge whether mining behavior is active or passive. [Results/Conclusion] Active mining and passive mining differ in motive and method. The work provides a solution for identifying active and passive virtual currency mining activity and safeguards the security of networks and information systems.
Keywords
Monero / mining behavior / mining pool communication / active and passive mining / network security
Funding
Beijing Natural Science Foundation (M21038)
National Key Research and Development Program of China (2022YFC3320900)
Year of publication
2024