A new artificial intelligence (AI) system, developed by computer scientists from Los Alamos National Laboratory, could help detect malicious codes that hack supercomputers to extract cryptocurrency, like Monero and Bitcoin.
Based on recent computer break-ins in Europe and elsewhere, this type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources. Our deep learning artificial intelligence model is designed to detect the abusive use of supercomputers specifically for the purpose of cryptocurrency mining.
Gopinath Chennupati, Study Co-Author and Researcher, Los Alamos National Laboratory
The study was published in the IEEE Access journal on July 27th, 2020.
Cryptocurrencies, like Bitcoin, are types of digital money. As such, cryptocurrency miners do not mint this money like paper bills or coins, but they digitally dig for money by conducting calculations that are computationally intense.
Massive computer arrays, which are meant for digging up digital money, are usually assembled by legitimate cryptocurrency miners. However, malicious miners have discovered that they could become wealthy by stealing supercomputers, provided they cover their tracks well.
The latest AI algorithm has been developed to catch such malicious miners red-handed by comparing programs on the basis of graphs, which are similar to fingerprints for software. The entire programs can be denoted by graphs consisting of nodes connected by jumps, loops, or lines.
Just like how human criminals can be captured by comparing the arcs and whorls on their fingertips to records existing in a fingerprint database, the latest AI algorithm compares the outlines in the flow-control graph of a program to a catalog of graphs for programs that are permitted to work on a specified computer.
But rather than finding a match to a familiar criminal program, the AI system checks to establish whether a graph is among those that detect programs believed to be operating on the system.
To test the AI system, the team compared a familiar, benign code to an obnoxious, Bitcoin mining code. They observed that the AI system detected the illicit mining operation relatively faster and more consistently when compared to traditional, non-AI analyses.
Since the method depends on graph comparisons, it cannot be outwitted by standard methods that are used by malicious cryptocurrency miners to mask their codes, like including comments and obscuring variables meant to make the codes appear like genuine programming.
Although this graph-based method may not provide a completely fail-safe solution for all situations, it considerably widens the set of effective methods that can be used by cyber detectives in their ongoing attempts to capture cyber criminals.
Considering the latest computer crimes, these software watchdogs may soon prove handy to stop cryptocurrency miners from breaking into high-performance computing centers and hijacking valuable computing resources.
Haridas, P., et al. (2020) Code Characterization with Graph Convolutions and Capsule Networks. IEEE Access. doi.org/10.1109/ACCESS.2020.3011909.