An Incremental Learning Mechanism for Detecting and Blocking Cryptocurrency Mining in Software-Defined Networks
Abstract
Unauthorized cryptocurrency mining consumes valuable computing resources and large amounts of energy. This paper proposes MineCap, a dynamic, online mechanism for detecting and blocking unauthorized cryptocurrency mining flows, using machine learning in software-defined networks. MineCap develops the incremental super learning technique, a variant of the super learner applied to incremental learning. Incremental super learning gives MineCap the precision to classify mining flows while the mechanism learns from incoming data. The results show that the mechanism achieves 98% accuracy, 99% precision, 97% sensitivity, and 99.9% specificity, and avoids problems related to concept drift.
Published
02/09/2019
How to Cite
C. NETO, Helio; LOPEZ, Martin; FERNANDES, Natalia; MATTOS, Diogo. Um Mecanismo de Aprendizado Incremental para Detecção e Bloqueio de Mineração de Criptomoedas em Redes Definidas por Software. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 19., 2019, São Paulo. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019. p. 365-378. DOI: https://doi.org/10.5753/sbseg.2019.13984.