A Holistic Intelligent Cryptojacking Malware Detection System

Recent statistics indicate a continuous rise in cryptojacking malware. This malware covertly exploits users' device resources to mine cryptocurrencies, such as Bitcoin, without their knowledge or consent. Cryptocurrency mining involves participants competing to generate a unique hash, with successful miners earning cryptocurrency tokens as rewards. As the difficulty of mining new cryptocurrencies increases, greater computational power and resources are required. Unfortunately, the growing popularity of cryptocurrencies has led to a significant increase in cryptojacking malware. Compounding this issue is the lack of adequate, practical solutions to combat this threat. Current shortcomings include a limited number of related studies, particularly in host-based cryptojacking, a scarcity of recent research, reliance on small or outdated datasets, and a shallow understanding of the behavior and characteristics of cryptojacking malware. This paper aims to address these gaps by introducing a holistic, intelligent cryptojacking malware detection system that: 1) provides a detailed analysis of the lifecycle of both host-based and web-based cryptojacking malware; 2) conducts a critical comparison of existing solutions, highlighting their weaknesses; 3) applies deep static analysis to identify key indicators crucial for cryptojacking analysis; 4) executes thorough dynamic analysis to demonstrate the real-world impact of cryptojacking; 5) utilizes a new, large, and robust cryptojacking dataset (CJDS) with over 100,000 samples, where the details of constructing this dataset are provided, (f) develops vision-based predictive models using 23 convolutional neural network (CNN) algorithms, extensively evaluated with comprehensive metrics; and 6) integrates the best-performing model to bulid a highly efficient cryptojacking detection system with an accuracy of 99%. This research offers valuable insights into the characteristics and consequences of cryptojacking, paving the way for further advancements in cybersecurity. It aims to protect digital environments from unauthorized resource exploitation and enhance the security of cryptocurrency-based systems.