Network Forensic of Cryptocurency Miners

Arief Ikhwan Wicaksono, Rama Sahtyawan, Dedy Hariyadi

Submitted : 2022-11-03, Published : 2022-12-31.

Abstract

As reported by BSSN on August, 2022, Indonesia has traffic anomalies of 1.6 billion traffic, with 55.83% of anomaly findings containing malware and the remaining 14.99% information disclosure is another activity. Some of this data, when further analyzed based on the type of attack, falls into the categories of breaches, successes, attempts, and failures. Investigate crimes related to misuse of resources for illegal cryptocurrency mining activities. Therefore, this study should consider acquisitions from the network side as they apply to existing government agencies/institutions. This observation thereby provides information for later evidence, intruder detection, and prosecution of perpetrators who misuse resources for personal gain. As a result, the harvesting processs can obtain valuable data from routers as a digital evidence for investigating information about network attack activitiy and anomalies traffic.

Keywords

Forensics, Cyber Security, Acquisition, Port Mirroring, Security Breach

Full Text:

PDF

References

A. Iswardani and I. Riadi, “DENIAL OF SERVICE LOG ANALYSIS USING DENSITY K-MEANS METHOD,” J. Theor. Appl. Inf. Technol., vol. 20, no. 2, 2016, Accessed: Nov. 03, 2022. [Online]. Available: www.jatit.org.

I. Riadi, J. E. Istiyanto, and A. Ashari, “Internet Forensics Framework Based-on Clustering,” IJACSA) Int. J. Adv. Comput. Sci. Appl., vol. 4, no. 12, 2013, Accessed: Nov. 03, 2022. [Online]. Available: www.ijacsa.thesai.org.

I. Riadi, J. E. Istiyanto, A. Ashari, and Subanar, “Log Analysis Techniques using Clustering in Network Forensics,” undefined, vol. 10, no. 7, 2013, Accessed: Nov. 03, 2022. [Online]. Available: http://www.arin.net/registration/agreements.

G. Gomes, L. Dias, and M. Correia, “CryingJackpot: Network Flows and Performance Counters against Cryptojacking,” 2020 IEEE 19th Int. Symp. Netw. Comput. Appl. NCA 2020, Nov. 2020, doi: 10.1109/NCA51143.2020.9306698.

U. Duta Bangsa Surakarta, F. Teknik dan Teknologi, U. Jenderal Achmad Yani Yogyakarta, F. Ely Nastiti, and F. Sain dan Teknologi Universitas Respati Yogyakarta, “Framework for Acquisition of CCTV Evidence Based on ACPO and SNI ISO/IEC Faulinda Nastiti Framework for Acquisition of CCTV Evidence Based on ACPO and SNI ISO/IEC 27037:2014 Dedy Hariyadi Farida Nur Aini,” 2703, Accessed: Nov. 03, 2022. [Online]. Available: https://www.researchgate.net/publication/328848272.

S. Raghavan, “Digital forensic research: current state of the art,” CSI Trans. ICT, vol. 1, no. 1, pp. 91–114, Mar. 2013, doi: 10.1007/S40012-012-0008-7.

M. Kassim, … M. R.-2022 I. 12th, and undefined 2022, “Network Analysis of Students’ Online Activities via Port mirroring Switch Port Analyzer,” ieeexplore.ieee.org, Accessed: Nov. 03, 2022. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/9794504/.

P. Eden et al., “Forensic readiness for SCADA/ICS incident response,” scienceopen.com, 2016, doi: 10.14236/ewic/ICS2016.16.

M. Yang, Y. Wang, H. D.-2014 F. International, and undefined 2014, “Design of Win Pcap Based ARP Spoofing Defense System,” ieeexplore.ieee.org, Accessed: Nov. 03, 2022. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/6995023/.

M. Mazdadi, I. Riadi, A. L.-I. J. of Computer, and undefined 2017, “Live forensics on routeros using api services to investigate network attacks,” academia.edu, Accessed: Nov. 03, 2022. [Online]. Available: https://www.academia.edu/download/55897709/Journal_of_Computer_Science_IJCSIS_February_2017_Part_II.pdf#page=171.

G. Stoitsov, V. R.-T. Journal, and undefined 2014, “One implementation of API interface for RouterOS,” temjournal.com, vol. 3, no. 2, 2014, Accessed: Nov. 03, 2022. [Online]. Available: https://www.temjournal.com/documents/vol3no2/8/One implementation of API interface for RouterOS.pdf.

Article Metrics

Abstract view: 225 times
Download     : 186   times

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Refbacks

  • There are currently no refbacks.