A U.S. national laboratory has built an artificial intelligence-powered system to detect illicit block reward mining activity on its supercomputers. The new system is designed to detect the digital currency mining programs based on graphs.
The Los Alamos National Laboratory recently revealed the new system, citing the rising cases of cryptojacking in Europe as one of the key reasons for its development.
“Based on recent computer break-ins in Europe and elsewhere, this type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources,” Gopinath Chennupati, a researcher at the lab stated.
The new AI-powered system will detect cryptojacking malware by comparing programs based on graphs.
“All programs can be represented by graphs that consist of nodes linked by lines, loops, or jumps,” the researchers stated. Similar to a fingerprint database which stores the whirls and arcs on a human fingerprint and then uses them to catch criminals, “the new AI system compares the contours in a program’s flow-control graph to a catalog of graphs for programs that are allowed to run on a given computer.”
The system will not identify the specific mining program, but instead “check to determine whether a graph is among those that identify programs that are supposed to be running on the system.”
While testing the system, the researchers found that it identified illicit mining programs much quicker and more reliably than its non-AI counterparts, the researchers claimed. Moreover, it can’t be fooled by common techniques that criminals use to evade detection. The researchers recommended using the system alongside other effective approaches for a foolproof defense against cryptojacking malware.
The lab’s AI system comes at a time when hackers have targeted learning and research institutions for cryptojacking. In May 2020, hackers targeted supercomputers in Europe in one of the worst attacks of its kind, to mine Monero. The first victim was the University of Edinburg in Scotland, whose ARCHER supercomputer took weeks to get back running following the attack. Similar attacks were reported in Germany’s bwHPC, a research organization, the Bavarian Academy of Sciences and the Swiss Center of Scientific Computations.
Source: Read Full Article