{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T17:14:04Z","timestamp":1768410844860,"version":"3.49.0"},"publisher-location":"Cham","reference-count":55,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_13","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T11:58:05Z","timestamp":1507723085000},"page":"287-310","source":"Crossref","is-referenced-by-count":35,"title":["Mining on Someone Else\u2019s Dime: Mitigating Covert Mining Operations in Clouds and Enterprises"],"prefix":"10.1007","author":[{"given":"Rashid","family":"Tahir","sequence":"first","affiliation":[]},{"given":"Muhammad","family":"Huzaifa","sequence":"additional","affiliation":[]},{"given":"Anupam","family":"Das","sequence":"additional","affiliation":[]},{"given":"Mohammad","family":"Ahmad","sequence":"additional","affiliation":[]},{"given":"Carl","family":"Gunter","sequence":"additional","affiliation":[]},{"given":"Fareed","family":"Zaffar","sequence":"additional","affiliation":[]},{"given":"Matthew","family":"Caesar","sequence":"additional","affiliation":[]},{"given":"Nikita","family":"Borisov","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"13_CR1","unstructured":"Bitcoin Anonymizer TOR Wallet. https:\/\/torwallet.com\/"},{"key":"13_CR2","unstructured":"CryptoNight. https:\/\/en.bitcoin.it\/wiki\/CryptoNight"},{"key":"13_CR3","unstructured":"CUDA Toolkit Documentation. https:\/\/tinyurl.com\/z7bx3b3"},{"key":"13_CR4","unstructured":"Government employee caught mining using work supercomputer. https:\/\/tinyurl.com\/mrpqffd"},{"key":"13_CR5","unstructured":"ABC employee caught mining for Bitcoins on company servers (2011). https:\/\/tinyurl.com\/lxcujtx"},{"key":"13_CR6","unstructured":"Data Center Power and Cooling. CISCO White Paper (2011)"},{"key":"13_CR7","unstructured":"How to Get Rich on Bitcoin, By a System Administrator Who\u2019s Secretly Growing Them On His School\u2019s Computers (2011). https:\/\/tinyurl.com\/lwx8rup"},{"key":"13_CR8","unstructured":"The ZeroAccess Botnet - Mining and Fraud for Massive Financial Gain (2012). https:\/\/tinyurl.com\/ldgcfao"},{"key":"13_CR9","unstructured":"Online Thief Steals Amazon Account to Mine Litecoins in the Cloud (2013). https:\/\/tinyurl.com\/mzpbype"},{"key":"13_CR10","unstructured":"Harvard Research Computing Resources Misused for Dogecoin Mining Operation (2014). https:\/\/tinyurl.com\/n8pzvt6"},{"key":"13_CR11","unstructured":"How Hackers Hid a Money-Mining Botnet in the Clouds of Amazon and Others (2014). https:\/\/tinyurl.com\/mowzx73"},{"key":"13_CR12","unstructured":"List of Major Bitcoin Heists, Thefts, Hacks, Scams, and Losses (2014). https:\/\/bitcointalk.org\/index.php?topic=576337"},{"key":"13_CR13","unstructured":"Mobile Malware Mines Dogecoins and Litecoins for Bitcoin Payout (2014). https:\/\/tinyurl.com\/q828blg"},{"key":"13_CR14","unstructured":"NAS device botnet mined $600,000 in Dogecoin over two months (2014). https:\/\/tinyurl.com\/myglgoa"},{"key":"13_CR15","unstructured":"US Government Bans Professor for Mining Bitcoin with A Supercomputer (2014). https:\/\/tinyurl.com\/k3ww4rp"},{"key":"13_CR16","unstructured":"Adobe Flash Player Exploit Could Be Used to Install BitCoinMiner Trojan (2015). https:\/\/tinyurl.com\/lhxzloa"},{"key":"13_CR17","unstructured":"Cloud Mining Put to the Test- Is It Worth Your Money? (2015). https:\/\/tinyurl.com\/zquylbo"},{"key":"13_CR18","unstructured":"Developer Hit with $6,500 AWS Bill from Visual Studio Bug (2015). https:\/\/tinyurl.com\/zm3pzjq"},{"key":"13_CR19","unstructured":"Perf Tool Wiki (2015). https:\/\/tinyurl.com\/2enxbko"},{"key":"13_CR20","unstructured":"Standard Performance Evaluation Corporation (2015). https:\/\/www.spec.org\/benchmarks.html"},{"key":"13_CR21","unstructured":"Trojan, C.: A Grave Threat to BitCoin Wallets (2016). https:\/\/tinyurl.com\/k73wdaq"},{"key":"13_CR22","unstructured":"Crypto-Currency Market Capitalizations (2016). https:\/\/coinmarketcap.com\/"},{"key":"13_CR23","unstructured":"Kraken Bitcoin Exchange (2016). https:\/\/www.kraken.com\/"},{"key":"13_CR24","unstructured":"Linux. Lady. 1 Trojan Infects Redis Servers and Mines for Cryptocurrency (2016). url https:\/\/tinyurl.com\/ka9ae4c"},{"key":"13_CR25","unstructured":"Randomized Decision Trees: A Fast C++ Implementation of Random Forests (2016). https:\/\/github.com\/bjoern-andres\/random-forest"},{"key":"13_CR26","unstructured":"Student uses university computers to mine Dogecoin (2016). https:\/\/tinyurl.com\/lubeqct"},{"key":"13_CR27","unstructured":"Supplemental Terms and Conditions For Google Cloud Platform Free Trial (2017). https:\/\/tinyurl.com\/ke5vs49"},{"key":"13_CR28","doi-asserted-by":"crossref","unstructured":"Akaike, H.: A new look at the statistical model identification. IEEE TAC 19 (1974)","DOI":"10.1109\/TAC.1974.1100705"},{"key":"13_CR29","unstructured":"Marosi, A.: Cryptomining malware on NAS servers (2016)"},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"Baek, H.W., Srivastava, A., van der Merwe, J.E.: Cloudvmi: virtual machine introspection as a cloud service. In: 2014 IEEE International Conference on Cloud Engineering (2014)","DOI":"10.1109\/IC2E.2014.82"},{"key":"13_CR31","unstructured":"Brown, G., Pocock, A.C., Zhao, M., Luj\u00e1n, M.: Conditional likelihood maximisation: a unifying framework for information theoretic feature selection. In: JMLR (2012)"},{"key":"13_CR32","unstructured":"Percival, C., Josefsson, S.: The Scrypt Password-Based Key Derivation Function. IETF (2012)"},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"Che, S., et al.: Rodinia: A benchmark suite for heterogeneous computing. In: Proceedings of the 2009 IEEE International Symposium on Workload Characterization (2009)","DOI":"10.1109\/IISWC.2009.5306797"},{"key":"13_CR34","first-page":"1034","volume":"2015","author":"M Chiappetta","year":"2015","unstructured":"Chiappetta, M., Savas, E., Yilmaz, C.: Real time detection of cache-based side-channel attacks using hardware performance counters. IACR Cryptol. ePrint Archive 2015, 1034 (2015)","journal-title":"IACR Cryptol. ePrint Archive"},{"key":"13_CR35","doi-asserted-by":"crossref","unstructured":"Demme, J., Maycock, M., Schmitz, J., Tang, A., Waksman, A., Sethumadhavan, S., Stolfo, S.J.: On the feasibility of online malware detection with performance counters. In: The 40th Annual ISCA (2013)","DOI":"10.1145\/2485922.2485970"},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"Dinaburg, A., Royal, P., Sharif, M.I., Lee, W.: Ether: malware analysis via hardware virtualization extensions. In: ACM CCS (2008)","DOI":"10.1145\/1455770.1455779"},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Ferdman, M., Adileh, A., Ko\u00e7berber, Y.O., Volos, S., Alisafaee, M., Jevdjic, D., Kaynak, C., Popescu, A.D., Ailamaki, A., Falsafi, B.: Clearing the clouds: a study of emerging scale-out workloads on modern hardware. In: ASPLOS (2012)","DOI":"10.1145\/2150976.2150982"},{"key":"13_CR38","unstructured":"Garcia-Serrano, A.: Anomaly detection for malware identification using hardware performance counters. CoRR (2015)"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Huang, D.Y., Dharmdasani, H., Meiklejohn, S., Dave, V., Grier, C., McCoy, D., Savage, S., Weaver, N., Snoeren, A.C., Levchenko, K.: Botcoin: monetizing stolen cycles. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23044"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"Idziorek, J., Tannian, M.: Exploiting cloud utility models for profit and ruin. In: IEEE CLOUD (2011)","DOI":"10.1109\/CLOUD.2011.45"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Jiang, X., Wang, X., Xu, D.: Stealthy malware detection and monitoring through VMM-based \u201cout-of-the-box\u201d semantic view reconstruction. ACM Trans. Inf. Syst. Secur. 13(2), 12:1\u201312:28 (2010)","DOI":"10.1145\/1698750.1698752"},{"key":"13_CR42","unstructured":"Lengyel, T.K., Neumann, J., Maresca, S., Payne, B.D., Kiayias, A.: Virtual machine introspection in a hybrid honeypot architecture. In: CSET (2012)"},{"key":"13_CR43","unstructured":"Mulazzani, M., Schrittwieser, S., Leithner, M., Huber, M., Weippl, E.R.: Dark clouds on the horizon: using cloud storage as attack vector and online slack space. In: 20th USENIX Security Symposium (2011)"},{"key":"13_CR44","unstructured":"National Science Foundation Office of Inspector General: SEMIANNUAL REPORT TO CONGRESS (2014)"},{"key":"13_CR45","doi-asserted-by":"crossref","unstructured":"Payne, B.D., Lee, W.: Secure and flexible monitoring of virtual machines. In: ACSAC (2007)","DOI":"10.1109\/ACSAC.2007.10"},{"key":"13_CR46","unstructured":"Sembrant, A.: Low Overhead Online Phase Predictor and Classifier. Master\u2019s thesis, UPPSALA UNIVERSITET (2011)"},{"key":"13_CR47","doi-asserted-by":"crossref","first-page":"427","DOI":"10.1016\/j.ipm.2009.03.002","volume":"45","author":"M Sokolova","year":"2009","unstructured":"Sokolova, M., Lapalme, G.: A systematic analysis of performance measures for classification tasks. Inf. Process. Manage. 45, 427\u2013437 (2009)","journal-title":"Inf. Process. Manage."},{"key":"13_CR48","doi-asserted-by":"crossref","unstructured":"Srinivasan, J., Wei, W., Ma, X., Yu, T.: EMFS: email-based personal cloud storage. In: NAS (2011)","DOI":"10.1109\/NAS.2011.55"},{"key":"13_CR49","unstructured":"Stratton, J.A., et al.: Parboil: A revised benchmark suite for scientific and commercial throughput computing. In: IMPACT Technical report (2012)"},{"key":"13_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-319-11379-1_6","volume-title":"Research in Attacks, Intrusions and Defenses","author":"A Tang","year":"2014","unstructured":"Tang, A., Sethumadhavan, S., Stolfo, S.J.: Unsupervised anomaly-based malware detection using hardware features. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 109\u2013129. Springer, Cham (2014). doi: 10.1007\/978-3-319-11379-1_6"},{"key":"13_CR51","unstructured":"Tinedo, R.G., Artigas, M.S., L\u00f3pez, P.G.: Cloud-as-a-gift: effectively exploiting personal cloud free accounts via REST apis. In: IEEE CLOUD (2013)"},{"key":"13_CR52","doi-asserted-by":"crossref","unstructured":"Vaquero, L.M., Rodero-Merino, L., Mor\u00e1n, D.: Locking the sky: a survey on IaaS cloud security. Computing 91(1), 93\u2013118 (2011)","DOI":"10.1007\/s00607-010-0140-x"},{"key":"13_CR53","doi-asserted-by":"crossref","unstructured":"Wang, X., Karri, R.: Numchecker: detecting kernel control-flow modifying rootkits by using hardware performance counters. In: The 50th Annual DAC (2013)","DOI":"10.1145\/2463209.2488831"},{"key":"13_CR54","doi-asserted-by":"crossref","unstructured":"Wang, X., Konstantinou, C., Maniatakos, M., Karri, R.: Confirm: Detecting firmware modifications in embedded systems using hardware performance counters. In: ICCAD (2015)","DOI":"10.1109\/ICCAD.2015.7372617"},{"key":"13_CR55","doi-asserted-by":"crossref","unstructured":"Yuan, L., Xing, W., Chen, H., Zang, B.: Security breaches as PMU deviation: detecting and identifying security attacks using performance counters. In: APSys (2011)","DOI":"10.1145\/2103799.2103807"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T13:18:48Z","timestamp":1570195128000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":55,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}