Fending off Bitcoin Mining HPC Thieves – Idaho National Lab’s Cryptojacking Detector

Print Friendly, PDF & Email

Demand for HPC resources from cryptocurrency miners has only increased with the explosion in the Bitcoin’s price – up 65 percent year-to-date. But with that demand has come mining malware, such as Monero and Lighting, algorithms that embed themselves into HPC applications.

Idaho National Laboratory (INL) has announced development of a machine translation-based cryptocurrency mining malware detector. On a U.S. Department of Energy contract announcement site, the lab said it seeks a partner to join in a licensing or collaborative research agreement to commercialize the malware detector.

With Bitcoin at $46,000 (it jumped past $50,000 earlier this week), cryptocurrency mining, a highly complex and expensive process, is more of a lure than ever because miners can acquire cryptocurrency without paying for it. But a big part of the mining expense is accessing HPC resources “present(ing) an increasing threat to research data centers and HPC systems throughout the world,” INL said in its filing on the DOE site. “There are presently over 2000 types of cryptocurrencies and mining is an operation fundamental to maintaining the operation of these cryptocurrencies. Mining is expensive and requires substantial HPC hardware and datacenter facilities. This cost can be reduced by using stolen HPC resources via cryptojacking.”

INL said its detection algorithm, though still in proof-of-concept stage, “is a rapid test based on machine translation to verify a binary submitted for execution on a data center” that “uses the attention mechanism in deep learning to accurately and reliably detect cryptocurrency malware.”

The lab emphasized while binary classification efforts “are easily thwarted via simple obfuscation,” machine translation “gives a reverse engineered view of a binary, thereby enabling greater transparency to the data center manager.”