Digital Currency Features Oriented Fine-Grained Code Injection Attack Detection

Sun Cong; Li Zhankui; Chen Liang; Ma Jianfeng; Qiao Xinbo

doi:10.7544/issn1000-1239.2021.20200937

Journal of Computer Research and Development > 2021 > 58(5): 1035-1044. > DOI: 10.7544/issn1000-1239.2021.20200937 CSTR: 32373.14.issn1000-1239.2021.20200937

Sun Cong, Li Zhankui, Chen Liang, Ma Jianfeng, Qiao Xinbo. Digital Currency Features Oriented Fine-Grained Code Injection Attack Detection[J]. Journal of Computer Research and Development, 2021, 58(5): 1035-1044. DOI: 10.7544/issn1000-1239.2021.20200937

Citation:

PDF (1007 KB)

Digital Currency Features Oriented Fine-Grained Code Injection Attack Detection

¹(School of Cyber Engineering, Xidian University, Xi’an 710071)
²(HUAWEI Technologies Co., Ltd, Xi’an 710075)

Funds: This work was supported by the National Natural Science Foundation of China (61872279) and the Key Research and Development Program of Shaanxi Province (2020GY-004, 2019ZDLGY12-06).

More Information

Published Date: April 30, 2021

Graphical Abstract

Abstract

Abstract

Digital currencies have developed rapidly and emerged as a critical form of our payment system. Consequently, the applications and platforms of digital currencies and their payment services are extensively exposed to various exploits by malware. In a typical scenario, modern ransomware usually leverages digital currencies as the medium of payment. The state-of-the-art code injection attack detections have rarely considered such digital currency-related memory features, thus can hardly identify the malicious behaviors of ransomware. To mitigate this issue, we propose a fine-grained scheme of memory forensics to facilitate the detection of host-based code injection attacks with the ability to identify ransomware. We capture the digital currency-related memory features exhibited in the procedure of inducing the victims’ payment. We incorporate such memory features into a set of general memory features and implement a fine-grained detection system on code injection attacks. According to the experimental results, the new scheme of memory forensics effectively improves the performance of the state-of-the-art detection system on different metrics. Meanwhile, our approach enables the detection systems of host-based code injection attacks to capture the behaviors of ransomware precisely. Moreover, the extraction of the newly proposed memory features is efficient, and our detection system is capable of detecting unknown malware families.
- code injection attack,
- machine learning,
- memory forensics,
- ransomware,
- digital currency

FullText(HTML)

References (0)

[1]	Zhang Jianyi, Wang Zhiqiang, Xu Zhili, Ouyang Yafei, Yang Tao. A Regulatable Digital Currency Model Based on Blockchain[J]. Journal of Computer Research and Development, 2018, 55(10): 2219-2232. DOI: 10.7544/issn1000-1239.2018.20180426
[2]	Que Mengfei, Zhang Junwei, Yang Chao, Yang Li, Ma Jianfeng, Cui Wenxuan. Position Based Digital Signature Scheme in IoTs[J]. Journal of Computer Research and Development, 2018, 55(7): 1421-1431. DOI: 10.7544/issn1000-1239.2018.20180065
[3]	Wei Shanshan, Xie Wei, He Zhiqiang. Digital Video Stabilization Techniques: A Survey[J]. Journal of Computer Research and Development, 2017, 54(9): 2044-2058. DOI: 10.7544/issn1000-1239.2017.20160078
[4]	Jiang Qingfeng, Men Chaoguang, Li Xiang, He Zhongzheng. A Virtual Currency-Based Incentive-Aware Low Delay Routing for DTNs[J]. Journal of Computer Research and Development, 2015, 52(12): 2707-2724. DOI: 10.7544/issn1000-1239.2015.20140566
[5]	Li Mohan, Li Jianzhong. Algorithms for Improving Data Currency[J]. Journal of Computer Research and Development, 2015, 52(9): 1992-2001. DOI: 10.7544/issn1000-1239.2015.20140687
[6]	Qiu Yuanjie and Liu Xinsong. Writing Mechanism in Digital Organism File System[J]. Journal of Computer Research and Development, 2010, 47(12).
[7]	Liu Dong, Sun Ming, Zhou Mingtian. A Text Digital Watermarking Technology Based on Graph Theory[J]. Journal of Computer Research and Development, 2007, 44(10): 1757-1764.
[8]	Jia Jian, Jiao Licheng. Implementation of Digital Ridgelet Transform and a New Method[J]. Journal of Computer Research and Development, 2006, 43(1): 115-119.
[9]	Wang Jian, Lin Fuzong. Digital Audio Watermarking Based on Support Vector Machine (SVM)[J]. Journal of Computer Research and Development, 2005, 42(9): 1605-1611.
[10]	Yin Hao, Lin Chuang, Qiu Feng, and Ding Rong. A Survey of Digital Watermarking[J]. Journal of Computer Research and Development, 2005, 42(7): 1093-1099.