{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T00:31:04Z","timestamp":1769992264582,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,26]],"date-time":"2022-10-26T00:00:00Z","timestamp":1666742400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Ripple"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,26]]},"DOI":"10.1145\/3545948.3545973","type":"proceedings-article","created":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T11:21:49Z","timestamp":1666005709000},"page":"482-494","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["CJ-Sniffer: Measurement and Content-Agnostic Detection of Cryptojacking Traffic"],"prefix":"10.1145","author":[{"given":"Yebo","family":"Feng","sequence":"first","affiliation":[{"name":"University of Oregon, United States of America"}]},{"given":"Jun","family":"Li","sequence":"additional","affiliation":[{"name":"University of Oregon, United States of America"}]},{"given":"Devkishen","family":"Sisodia","sequence":"additional","affiliation":[{"name":"University of Oregon, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2022,10,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2017. CoinIMP: FREE JavaScript Mining - Browser Mining. https:\/\/www.coinimp.com\/. Accessed: 2021-04-15.  2017. CoinIMP: FREE JavaScript Mining - Browser Mining. https:\/\/www.coinimp.com\/. Accessed: 2021-04-15."},{"key":"e_1_3_2_1_2_1","unstructured":"2017. XMRig: high performance open source cross platform XMR miner. https:\/\/github.com\/xmrig\/xmrig. Accessed: 2021-04-15.  2017. XMRig: high performance open source cross platform XMR miner. https:\/\/github.com\/xmrig\/xmrig. Accessed: 2021-04-15."},{"key":"e_1_3_2_1_3_1","unstructured":"2018. Easy Pool Miner. https:\/\/jefreesujit.github.io\/easyminer\/. Accessed: 2021-04-15.  2018. Easy Pool Miner. https:\/\/jefreesujit.github.io\/easyminer\/. Accessed: 2021-04-15."},{"key":"e_1_3_2_1_4_1","unstructured":"2019. Minero: Monero miner for Web browsers. https:\/\/minero.cc\/. Accessed: 2021-04-15.  2019. Minero: Monero miner for Web browsers. https:\/\/minero.cc\/. Accessed: 2021-04-15."},{"key":"e_1_3_2_1_5_1","unstructured":"2019. WebMinePool: Multifunctional mining service for site owners and individuals. https:\/\/www.webminepool.com\/. Accessed: 2021-04-15.  2019. WebMinePool: Multifunctional mining service for site owners and individuals. https:\/\/www.webminepool.com\/. Accessed: 2021-04-15."},{"key":"e_1_3_2_1_6_1","unstructured":"2021. The history of Ethereum. https:\/\/ethereum.org\/en\/history\/. Accessed: 2022-4-6.  2021. The history of Ethereum. https:\/\/ethereum.org\/en\/history\/. Accessed: 2022-4-6."},{"key":"e_1_3_2_1_7_1","first-page":"2021","article-title":"PF-RING: High-speed packet capture, filtering and analysis. https:\/\/www.ntop.org\/products\/packet-capture\/pf_ring\/","year":"2021","unstructured":"2021 . PF-RING: High-speed packet capture, filtering and analysis. https:\/\/www.ntop.org\/products\/packet-capture\/pf_ring\/ . Accessed : 2021 - 2005 . 2021. PF-RING: High-speed packet capture, filtering and analysis. https:\/\/www.ntop.org\/products\/packet-capture\/pf_ring\/. Accessed: 2021-05.","journal-title":"Accessed"},{"key":"e_1_3_2_1_8_1","unstructured":"Spenser Reinhardt Lilia Gonzalez Medina Josh Reynolds Alan\u00a0Smith Alex\u00a0Mcdonnell Nichols\u00a0Mavis. 2019. Blocking Cryptocurrency Mining Using Cisco Security Products.  Spenser Reinhardt Lilia Gonzalez Medina Josh Reynolds Alan\u00a0Smith Alex\u00a0Mcdonnell Nichols\u00a0Mavis. 2019. Blocking Cryptocurrency Mining Using Cisco Security Products."},{"key":"e_1_3_2_1_9_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1627\u20131644.","author":"Bijmans LJ","unstructured":"Hugo\u00a0 LJ Bijmans , Tim\u00a0 M Booij , and Christian Doerr . 2019. Inadvertently making cyber criminals rich: A comprehensive study of cryptojacking campaigns at internet scale . In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1627\u20131644. Hugo\u00a0LJ Bijmans, Tim\u00a0M Booij, and Christian Doerr. 2019. Inadvertently making cyber criminals rich: A comprehensive study of cryptojacking campaigns at internet scale. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1627\u20131644."},{"key":"e_1_3_2_1_10_1","unstructured":"Andrew Brandt. 2021. Compromised Exchange server hosting cryptojacker targeting other Exchange servers. https:\/\/news.sophos.com\/en-us\/2021\/04\/13\/compromised-exchange-server-hosting-cryptojacker-targeting-other-exchange-servers\/.  Andrew Brandt. 2021. Compromised Exchange server hosting cryptojacker targeting other Exchange servers. https:\/\/news.sophos.com\/en-us\/2021\/04\/13\/compromised-exchange-server-hosting-cryptojacker-targeting-other-exchange-servers\/."},{"key":"e_1_3_2_1_11_1","unstructured":"Maurantonio Caprolu Simone Raponi Gabriele Oligeri and Roberto Di\u00a0Pietro. 2019. Cryptomining makes noise: a machine learning approach for cryptojacking detection. arXiv preprint arXiv:1910.09272(2019).  Maurantonio Caprolu Simone Raponi Gabriele Oligeri and Roberto Di\u00a0Pietro. 2019. Cryptomining makes noise: a machine learning approach for cryptojacking detection. arXiv preprint arXiv:1910.09272(2019)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2021.02.016"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1093\/rfs\/hhaa040"},{"key":"e_1_3_2_1_14_1","unstructured":"Hamid Darabian Sajad Homayounoot Ali Dehghantanha Sattar Hashemi Hadis Karimipour Reza\u00a0M Parizi and Kim-Kwang\u00a0Raymond Choo. 2020. Detecting Cryptomining Malware: a Deep Learning Approach for Static and Dynamic Analysis. Journal of Grid Computing(2020) 1\u201311.  Hamid Darabian Sajad Homayounoot Ali Dehghantanha Sattar Hashemi Hadis Karimipour Reza\u00a0M Parizi and Kim-Kwang\u00a0Raymond Choo. 2020. Detecting Cryptomining Malware: a Deep Learning Approach for Static and Dynamic Analysis. Journal of Grid Computing(2020) 1\u201311."},{"key":"e_1_3_2_1_15_1","volume-title":"dnaleor, and Monero project","year":"2018","unstructured":"dEBRYUNE , dnaleor, and Monero project . 2018 . PoW change and key reuse. https:\/\/www.getmonero.org\/2018\/02\/11\/PoW-change-and-key-reuse.html. Accessed : 2022-4-6. dEBRYUNE, dnaleor, and Monero project. 2018. PoW change and key reuse. https:\/\/www.getmonero.org\/2018\/02\/11\/PoW-change-and-key-reuse.html. Accessed: 2022-4-6."},{"key":"e_1_3_2_1_16_1","unstructured":"Darragh Delaney. 2018. How to Detect Cryptocurrency Mining Activity on Your Network. https:\/\/www.netfort.com\/blog\/detect-cryptocurrency-mining-activity\/.  Darragh Delaney. 2018. How to Detect Cryptocurrency Mining Activity on Your Network. https:\/\/www.netfort.com\/blog\/detect-cryptocurrency-mining-activity\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Howard\u00a0B Demuth Mark\u00a0H Beale Orlando De\u00a0Jess and Martin\u00a0T Hagan. 2014. Neural network design. Martin Hagan.  Howard\u00a0B Demuth Mark\u00a0H Beale Orlando De\u00a0Jess and Martin\u00a0T Hagan. 2014. Neural network design. Martin Hagan."},{"key":"e_1_3_2_1_18_1","unstructured":"Yebo Feng. 2022. Packet-Level Cryptomining Network Traffic Dataset. https:\/\/github.com\/yebof\/CJ-Sniffer-Dataset.  Yebo Feng. 2022. Packet-Level Cryptomining Network Traffic Dataset. https:\/\/github.com\/yebof\/CJ-Sniffer-Dataset."},{"key":"e_1_3_2_1_19_1","unstructured":"Yebo Feng. 2022. Toward Finer Granularity Analysis of Network Traffic. (2022).  Yebo Feng. 2022. Toward Finer Granularity Analysis of Network Traffic. (2022)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3405440"},{"key":"e_1_3_2_1_21_1","volume-title":"Cryptojacking Detection with CPU Usage Metrics. In 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). IEEE, 1\u201310","author":"Gomes F\u00e1bio","year":"2020","unstructured":"F\u00e1bio Gomes and Miguel Correia . 2020 . Cryptojacking Detection with CPU Usage Metrics. In 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). IEEE, 1\u201310 . F\u00e1bio Gomes and Miguel Correia. 2020. Cryptojacking Detection with CPU Usage Metrics. In 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA). IEEE, 1\u201310."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCA51143.2020.9306698"},{"key":"e_1_3_2_1_23_1","volume-title":"Long short-term memory. Neural computation 9, 8","author":"Hochreiter Sepp","year":"1997","unstructured":"Sepp Hochreiter and J\u00fcrgen Schmidhuber . 1997. Long short-term memory. Neural computation 9, 8 ( 1997 ), 1735\u20131780. Sepp Hochreiter and J\u00fcrgen Schmidhuber. 1997. Long short-term memory. Neural computation 9, 8 (1997), 1735\u20131780."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243840"},{"key":"e_1_3_2_1_25_1","volume-title":"Detecting Cryptojacking Traffic Based on Network Behavior Features. In 2021 IEEE Global Communications Conference (GLOBECOM). IEEE, 01\u201306","author":"Hu Xiaoyan","year":"2021","unstructured":"Xiaoyan Hu , Zhuozhuo Shu , Xiaoyi Song , Guang Cheng , and Jian Gong . 2021 . Detecting Cryptojacking Traffic Based on Network Behavior Features. In 2021 IEEE Global Communications Conference (GLOBECOM). IEEE, 01\u201306 . Xiaoyan Hu, Zhuozhuo Shu, Xiaoyi Song, Guang Cheng, and Jian Gong. 2021. Detecting Cryptojacking Traffic Based on Network Behavior Features. In 2021 IEEE Global Communications Conference (GLOBECOM). IEEE, 01\u201306."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWMN.2019.8804995"},{"key":"e_1_3_2_1_27_1","volume-title":"Mobile, Analytics and Cloud)(I-SMAC) I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC)","author":"Iyer Sainathan\u00a0Ganesh","year":"2018","unstructured":"Sainathan\u00a0Ganesh Iyer and Anurag\u00a0Dipakumar Pawar . 2018. GPU and CPU accelerated mining of cryptocurrencies and their financial analysis. In 2018 2nd International Conference on I-SMAC (IoT in Social , Mobile, Analytics and Cloud)(I-SMAC) I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC) , 2018 2nd International Conference on. IEEE , 599\u2013604. Sainathan\u00a0Ganesh Iyer and Anurag\u00a0Dipakumar Pawar. 2018. GPU and CPU accelerated mining of cryptocurrencies and their financial analysis. In 2018 2nd International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC) I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2018 2nd International Conference on. IEEE, 599\u2013604."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_2"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1080091.1080119"},{"key":"e_1_3_2_1_30_1","unstructured":"Monero\u00a0Research Lab. 2018. MONERO a Private Digital Currency. https:\/\/www.getmonero.org\/.  Monero\u00a0Research Lab. 2018. MONERO a Private Digital Currency. https:\/\/www.getmonero.org\/."},{"key":"e_1_3_2_1_31_1","unstructured":"Monero\u00a0Research Lab. 2021. Monero Documentation - CryptoNight a memory hard hash function. https:\/\/monerodocs.org\/proof-of-work\/cryptonight\/.  Monero\u00a0Research Lab. 2021. Monero Documentation - CryptoNight a memory hard hash function. https:\/\/monerodocs.org\/proof-of-work\/cryptonight\/."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2017.08.020"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/LWC.2018.2820009"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1080\/01621459.1951.10500769"},{"key":"e_1_3_2_1_35_1","unstructured":"Angela Orebaugh Gilbert Ramirez and Jay Beale. 2006. Wireshark & Ethereal network protocol analyzer toolkit. Elsevier.  Angela Orebaugh Gilbert Ramirez and Jay Beale. 2006. Wireshark & Ethereal network protocol analyzer toolkit. Elsevier."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3457904"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3019658"},{"key":"e_1_3_2_1_38_1","volume-title":"Coinpolice: Detecting hidden cryptojacking attacks with neural networks. arXiv preprint arXiv:2006.10861(2020).","author":"Petrov Ivan","year":"2020","unstructured":"Ivan Petrov , Luca Invernizzi , and Elie Bursztein . 2020 . Coinpolice: Detecting hidden cryptojacking attacks with neural networks. arXiv preprint arXiv:2006.10861(2020). Ivan Petrov, Luca Invernizzi, and Elie Bursztein. 2020. Coinpolice: Detecting hidden cryptojacking attacks with neural networks. arXiv preprint arXiv:2006.10861(2020)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Peter Phaal Sonia Panchen and Neil McKee. 2001. RFC3176: InMon Corporation\u2019s sFlow: A Method for Monitoring Traffic in Switched and Routed Networks.  Peter Phaal Sonia Panchen and Neil McKee. 2001. RFC3176: InMon Corporation\u2019s sFlow: A Method for Monitoring Traffic in Switched and Routed Networks.","DOI":"10.17487\/rfc3176"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2017-0028"},{"key":"e_1_3_2_1_41_1","volume-title":"21st USENIX Security Symposium (USENIX Security 12)","author":"Rizzo Luigi","year":"2012","unstructured":"Luigi Rizzo . 2012 . netmap: a novel framework for fast packet I\/O . In 21st USENIX Security Symposium (USENIX Security 12) . 101\u2013112. Luigi Rizzo. 2012. netmap: a novel framework for fast packet I\/O. In 21st USENIX Security Symposium (USENIX Security 12). 101\u2013112."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2019.8737360"},{"key":"e_1_3_2_1_43_1","volume-title":"Highlights from the Unit 42 Cloud Threat Report, 1H","author":"Unit","year":"2021","unstructured":"Unit 42. 2021. Highlights from the Unit 42 Cloud Threat Report, 1H 2021 . https:\/\/unit42.paloaltonetworks.com\/highlights-cloud-threat-report-1h-2021\/. Unit 42. 2021. Highlights from the Unit 42 Cloud Threat Report, 1H 2021. https:\/\/unit42.paloaltonetworks.com\/highlights-cloud-threat-report-1h-2021\/."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"crossref","unstructured":"Said Varlioglu Bilal Gonen Murat Ozer and Mehmet\u00a0F Bastug. 2020. Is Cryptojacking Dead after Coinhive Shutdown?arXiv preprint arXiv:2001.02975(2020).  Said Varlioglu Bilal Gonen Murat Ozer and Mehmet\u00a0F Bastug. 2020. Is Cryptojacking Dead after Coinhive Shutdown?arXiv preprint arXiv:2001.02975(2020).","DOI":"10.1109\/ICICT50521.2020.00068"},{"key":"e_1_3_2_1_45_1","volume-title":"Walkie-talkie: An efficient defense against passive website fingerprinting attacks. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1375\u20131390.","author":"Wang Tao","year":"2017","unstructured":"Tao Wang and Ian Goldberg . 2017 . Walkie-talkie: An efficient defense against passive website fingerprinting attacks. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1375\u20131390. Tao Wang and Ian Goldberg. 2017. Walkie-talkie: An efficient defense against passive website fingerprinting attacks. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 1375\u20131390."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-98989-1_7"},{"key":"e_1_3_2_1_47_1","volume-title":"Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis.. In NDSS, Vol.\u00a09. Citeseer.","author":"Wright V","year":"2009","unstructured":"Charles\u00a0 V Wright , Scott\u00a0 E Coull , and Fabian Monrose . 2009 . Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis.. In NDSS, Vol.\u00a09. Citeseer. Charles\u00a0V Wright, Scott\u00a0E Coull, and Fabian Monrose. 2009. Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis.. In NDSS, Vol.\u00a09. Citeseer."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/505202.505234"},{"key":"e_1_3_2_1_49_1","unstructured":"ZeroDot1. 2020. Simple lists that can help prevent cryptomining in the browser or other applications. https:\/\/gitlab.com\/ZeroDot1\/CoinBlockerLists.  ZeroDot1. 2020. Simple lists that can help prevent cryptomining in the browser or other applications. https:\/\/gitlab.com\/ZeroDot1\/CoinBlockerLists."},{"key":"e_1_3_2_1_50_1","volume-title":"MineHunter: A Practical Cryptomining Traffic Detection Algorithm Based on Time Series Tracking. In Annual Computer Security Applications Conference. 1051\u20131063","author":"Zhang Shize","year":"2021","unstructured":"Shize Zhang , Zhiliang Wang , Jiahai Yang , Xin Cheng , XiaoQian Ma , Hui Zhang , Bo Wang , Zimu Li , and Jianping Wu . 2021 . MineHunter: A Practical Cryptomining Traffic Detection Algorithm Based on Time Series Tracking. In Annual Computer Security Applications Conference. 1051\u20131063 . Shize Zhang, Zhiliang Wang, Jiahai Yang, Xin Cheng, XiaoQian Ma, Hui Zhang, Bo Wang, Zimu Li, and Jianping Wu. 2021. MineHunter: A Practical Cryptomining Traffic Detection Algorithm Based on Time Series Tracking. In Annual Computer Security Applications Conference. 1051\u20131063."},{"key":"e_1_3_2_1_51_1","unstructured":"Aaron Zimba Zhaoshun Wang Mwenge Mulenga and Nickson\u00a0Herbert Odongo. 2018. Crypto mining attacks in information systems: An emerging threat to cyber security. Journal of Computer Information Systems(2018) 1\u201312.  Aaron Zimba Zhaoshun Wang Mwenge Mulenga and Nickson\u00a0Herbert Odongo. 2018. Crypto mining attacks in information systems: An emerging threat to cyber security. Journal of Computer Information Systems(2018) 1\u201312."}],"event":{"name":"RAID 2022: 25th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Limassol Cyprus","acronym":"RAID 2022"},"container-title":["Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545973","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3545948.3545973","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:17Z","timestamp":1750188617000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3545948.3545973"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,26]]},"references-count":51,"alternative-id":["10.1145\/3545948.3545973","10.1145\/3545948"],"URL":"https:\/\/doi.org\/10.1145\/3545948.3545973","relation":{},"subject":[],"published":{"date-parts":[[2022,10,26]]},"assertion":[{"value":"2022-10-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}