A Malicious Mining Code Detection Method Based on Multi-Features Fusion

With the continuous increase in the economic value of new digital currencies represented by Bitcoin, more and more cybercriminals use malicious code to occupy victims' system resources and network resources for mining without the victims' permission, thereby obtaining cryptocurrency. This type of malicious code named malicious mining code has brought considerable influence and harm to society, enterprises and users. The mining code always conceals the fact that it consumes computer resources in a way that is difficult for ordinary people to discover. This paper proposes a malicious mining code detection method based on feature fusion and machine learning. First, we analyze from static analysis methods and statistical analysis methods to extract multi-dimensional features. Then for multi-dimensional text features, feature vectors are extracted through the n-gram model and TF-IDF, and best feature vectors are selected through the classifier and we fuse these best feature vectors with other statistic features to train our detection model. Finally, automatic detection is performed based on the machine learning framework. The experimental results show that the recognition accuracy of our method can reach 98.0%, its F1 score reach 0.969, and the ROC's AUC reach 0.973.