Descriptive analysis of the malware attack vector Cryptojacking on web platforms

dc.contributor.advisor: Gamba González, Yamid Gabriel
dc.contributor.author: Jurado Quintero, Yaris Paola
dc.contributor.cvlac: Gamba González, Yamid Gabriel [0000041982]
dc.contributor.researchgroup: Grupo de Investigación Preservación e Intercambio Digital de Información y Conocimiento - Prisma
dc.contributor.researchgroup: Grupo de Investigaciones Clínicas
dc.coverage.campus: UNAB Campus Bucaramanga
dc.coverage.spatial: Bucaramanga (Santander, Colombia)
dc.coverage.temporal: 2021
dc.date.accessioned: 2022-11-16T20:34:49Z
dc.date.available: 2022-11-16T20:34:49Z
dc.date.issued: 2021
dc.degree.name: Systems Engineer
dc.description.abstract: Introduction: Web-oriented digital environments have brought a large number of benefits to people's daily lives, leading thousands of people to connect massively to cyberspace every day; however, this avalanche of connected users has brought with it multiple threats, such as so-called Cryptojacking. Cryptocurrency mining is currently an increasingly important activity on the Internet and even has a high impact on the economy (Zayuelas et al, 2019). This growing trend, together with the processing cost demanded by the intensive calculations of mining, has led to new strategies for obtaining the prized CPU resources for mining operations secretly and stealthily, motivating the emergence of a new threat called Cryptojacking (Tahir et al, 2019). This new landscape creates the need for studies that assess the risks to the computing resources users expose daily when browsing the Web and that allow mitigation strategies for this type of threat to be generated, in order to control possible incidents in their computing infrastructures and avoid the loss of their information assets. Objective: To identify how Cryptojacking malware operates on websites, in order to generate mitigation recommendations through the analysis of its attack vector. Methodology: An applied experimental investigation is proposed, based on a quantitative research methodology, in which the observation, analysis and characterization of malicious mining scripts on websites will identify their structure and the most relevant aspects of Cryptojacking malware, developing a virtualized Web scenario to generate strategies that mitigate this type of threat.
Results and Conclusion: Cybersecurity is currently a continuous and indefinite path, in which it is important to generate strategies that create a culture of security. This is achieved when users, who are always the weakest point, attain adequate digital hygiene; for this reason it is important to recognize how attackers act and the steps they take before, during and after a cyberattack. Knowing how to attack implies, besides knowing how to defend oneself, knowing what to defend against and at what point to take preventive measures to avoid becoming a target of cybercriminals.
dc.description.abstractenglish: Introduction: Digital environments oriented to the Web have provided a large number of benefits to people's daily lives, leading thousands to connect massively to cyberspace every day; however, this avalanche of connected users has brought with it multiple threats, such as the so-called Cryptojacking. Currently, cryptocurrency mining activity is increasingly important on the Internet, even generating a high impact on the economy (Zayuelas et al, 2019). This growing trend, added to the computational cost at the processing level that intensive mining calculations require, has led to the conception of new strategies to obtain precious CPU resources for mining operations in a secret and stealthy manner, motivating the emergence of a new threat called Cryptojacking (Tahir et al, 2019). This new panorama entails the need for studies that assess the risks to the computer resources that users expose daily when browsing the Web and that allow the generation of mitigation strategies for this type of threat, in favor of controlling possible incidents in their computer infrastructures and avoiding the loss of their information assets. Objective: Identify how Cryptojacking malware works on websites to generate mitigation recommendations by analyzing its attack vector. Methodology: The development of an experimental applied research is proposed, based on the quantitative research methodology, where through the observation, analysis and characterization of malicious mining scripts on websites, their structure and the most relevant aspects related to the Cryptojacking malware will be identified, developing a virtualized Web scenario to generate strategies to mitigate this type of threat.
Results and Conclusion: Cybersecurity is currently a continuous and indefinite path, where it is important to generate strategies that allow the creation of a culture of security. This is achieved when the users, who are always the weakest point, achieve adequate digital hygiene; for this reason it is important that the actions of the attackers be recognized, along with the steps they take before, during and after a cyberattack. Knowing how to attack also implies knowing how to defend yourself, knowing what to defend yourself against and at what point to take preventive measures to avoid being targeted by cybercriminals.
dc.description.degreelevel: Undergraduate
dc.description.learningmodality: In-person modality
dc.description.tableofcontents:
SUMMARY
ABSTRACT
INTRODUCTION
1 PROBLEM STATEMENT
1.1 PROBLEM TREE
2 JUSTIFICATION
3 OBJECTIVES
3.1 GENERAL OBJECTIVE
3.2 SPECIFIC OBJECTIVES
4 REFERENCE FRAMEWORK
4.1 CONCEPTUAL FRAMEWORK
4.1.1 Threat
4.1.2 Web-oriented applications
4.1.3 Client-Server architecture
4.1.4 Blockchain
4.1.5 Cybersecurity
4.1.6 Cyberattack
4.1.7 Cybercriminal
4.1.8 Cryptocurrencies
4.1.9 Front End
4.1.10 Hacking
4.1.11 Hash
4.1.12 HTML
4.1.13 Social engineering
4.1.14 JavaScript
4.1.15 Programming language
4.1.16 Malware
4.1.17 Data mining
4.1.18 Web browser
4.1.19 Phishing
4.1.20 Information security
4.1.21 Vulnerability
4.2 THEORETICAL FRAMEWORK
4.2.1 Cryptojacking: business opportunity or computer attack
4.2.2 Browser-based Cryptojacking
4.3 LEGAL FRAMEWORK
4.3.1 Law 1266 of 2008
4.3.2 Law 1273 of 2009
4.3.3 Law 1581 of 2012
4.3.4 CONPES 3701 of 2011
4.3.5 ISO/IEC 27000:2013 standard
5 BACKGROUND
6 STATE OF THE ART
6.1 Selected documents
6.1.1 A Survey of Attack Instances of Cryptojacking Targeting Cloud Infrastructure
6.1.2 How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World
6.1.3 Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for Cryptojacking
6.1.4 Thieves in the Browser: Web-based Cryptojacking in the Wild
6.1.5 A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth
6.1.6 A first look at browser-based Cryptojacking
6.1.7 The other side of the coin: A framework for detecting and analyzing Web-based cryptocurrency mining campaigns
6.1.8 The Browsers Strike Back: Countering Cryptojacking and Parasitic Miners on the Web
6.1.9 CMblock: In-browser detection and prevention Cryptojacking tool using blacklist and behavior-based detection method
6.1.10 An experimental analysis of Cryptojacking attacks
6.1.11 An Attack Vector Evaluation Method for Smart City Security Protection
6.1.12 Analysis of the attack vectors used by threat actors during the pandemic
7 RESULTS OBTAINED
7.1 METHODOLOGICAL DEVELOPMENT
7.2 PHASE I: DIAGNOSIS
7.2.1 Systematic information search process
7.2.2 Cryptojacking attack vector
7.2.3 Characterization of Cryptojacking scripts on websites and their forms of insertion
7.2.4 Risks derived from the Web Cryptojacking attack
7.3 PHASE II: DESIGN
7.3.1 Use case diagram
7.3.2 Sequence diagram
7.3.3 Activity diagram
7.3.4 Design requirements of the test scenario
7.3.5 Test scenario
7.4 PHASE III: DEVELOPMENT
7.4.2 Implementation of the test scenario
7.4.3 Insertion of the malicious script into a controlled website
7.4.4 Analysis of the operation of the attack vector of the Cryptojacking malware
7.5 PHASE IV: ANALYSIS
7.5.1 Guidelines at the organizational level
7.5.2 Good-practice guidelines for mitigating Cryptojacking on websites
CONCLUSIONS
RECOMMENDATIONS AND FUTURE WORK
BIBLIOGRAPHY
dc.format.mimetype: application/pdf
dc.identifier.instname: instname:Universidad Autónoma de Bucaramanga - UNAB
dc.identifier.reponame: reponame:Repositorio Institucional UNAB
dc.identifier.repourl: repourl:https://repository.unab.edu.co
dc.identifier.uri: http://hdl.handle.net/20.500.12749/18361
dc.language.iso: spa
dc.publisher.faculty: Faculty of Engineering
dc.publisher.grantor: Universidad Autónoma de Bucaramanga UNAB
dc.publisher.program: Undergraduate Systems Engineering
dc.relation.references: Aldweesh A., Alharby M., Mehrnezhad M., Van Moorsel A. (2019). OpBench: A CPU Performance Benchmark for Ethereum Smart Contract Operation Code. 2019 IEEE International Conference on Blockchain (Blockchain). pp. 274-281. doi: 10.1109/Blockchain.2019.00043.
dc.relation.references: Balamurugan, S., & Thangaraj, M. (2019). Cryptojacking malware detection using the bayesian consensus clustering with large iterative multi-tier ensemble in the cryptocurrency in the cloud. International Journal of Recent Technology and Engineering, 8(3), 4256-4264. doi:10.35940/ijrte.C5159.098319
dc.relation.references: Bijmans, H. L. J., Booij, T. M., & Doerr, C. (2019). Just the tip of the iceberg: Internet-scale exploitation of routers for Cryptojacking. Paper presented at the Proceedings of the ACM Conference on Computer and Communications Security, 449-464. doi:10.1145/3319535.3354230 Retrieved from www.scopus.com
dc.relation.references: Burgess J., Carlin D., O'Kane P. & Sezer S. (2019). MANiC: Multi-step Assessment for Crypto-miners. International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Oxford, United Kingdom, 2019, pp. 1-8. doi: 10.1109/CyberSecPODS.2019.8885003
dc.relation.references: Carlin D., O'Kane P., Sezer S. & Burgess J. (2019). Detecting Cryptomining Using Dynamic Analysis. 16th Annual Conference on Privacy, Security and Trust (PST), Belfast, 2018, pp. 1-6. doi: 10.1109/PST.2018.8514167
dc.relation.references: Darabian, H., Homayounoot, S., Dehghantanha, A., Hashemi, S., Karimipour, H., Parizi, R. M., & Choo, K. -. R. (2020). Detecting cryptomining malware: A deep learning approach for static and dynamic analysis. Journal of Grid Computing, doi:10.1007/s10723-020-09510-6
dc.relation.references: Eskandari S., Leoutsarakos A., Mursch T. & Clark J. (2018). A First Look at Browser-Based Cryptojacking. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), London. pp. 58-66. doi: 10.1109/EuroSPW.2018.00014
dc.relation.references: Frauenthaler P., Sigwart M., Spanring C., Sober M., Schulte S. (2020). A Cost-efficient Relay for Ethereum-based Blockchains. 2020 IEEE International Conference on Blockchain (Blockchain). pp. 204-213. doi: 10.1109/Blockchain50366.2020.00032.
dc.relation.references: Gallegos-Segovia P. L., Bravo-Torres J. F., Larios-Rosillo V. M., Vintimilla-Tapia P. E., Yuquilima-Albarado I. F., Jara-Saltos J. D. (2017). Social engineering as an attack vector for ransomware. 2017 CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies (CHILECON). pp. 1-6. doi: 10.1109/CHILECON.2017.8229528.
dc.relation.references: Geng G., Yan Z., Zeng Y., Jin X. (2018). RRPhish: Anti-phishing via mining brand resources request. 2018 IEEE International Conference on Consumer Electronics (ICCE). pp. 1-2. doi: 10.1109/ICCE.2018.8326085.
dc.relation.references: Hasan M. I., Prajapati N. B. (2009). An Attack Vector for Deception Through Persuasion Used by Hackers and Crakers. 2009 First International Conference on Networks & Communications. pp. 254-258. doi: 10.1109/NetCoM.2009.59.
dc.relation.references: Kantamani, P. R., Potru, G. M., & Yovan Felix, A. (2019). An intuitive way to unmask in-browser Cryptojacking in network level using support vector machine (SVM) in machine learning. International Journal of Recent Technology and Engineering, 8(2 Special Issue 3), 562-566. doi:10.35940/ijrte.B1103.0782S319
dc.relation.references: Kaspersky Lab. (2021). ¿Qué es una criptomoneda? Seguridad de criptomonedas: Cuatro consejos para invertir en criptomonedas de forma Segura. https://latam.kaspersky.com/resource-center/definitions/what-is-cryptocurrency
dc.relation.references: Muñoz J. Z. i., Suárez-Varela J. & Barlet-Ros P. (2019). Detecting cryptocurrency miners with NetFlow/IPFIX network measurements. IEEE International Symposium on Measurements & Networking (M&N), Catania, Italy, 2019, pp. 1-6. doi: 10.1109/IWMN.2019.8804995
dc.relation.references: Musch, M., Wressnegger, C., Johns, M., & Rieck, K. (2019). Thieves in the browser: Web-based Cryptojacking in the wild. Paper presented at the ACM International Conference Proceeding Series, doi:10.1145/3339252.3339261 Retrieved from www.scopus.com
dc.relation.references: Nathezhtha T., Sangeetha D., Vaidehi V. (2019). WC-PAD: Web Crawling based Phishing Attack Detection. 2019 International Carnahan Conference on Security Technology (ICCST). pp. 1-6. doi: 10.1109/CCST.2019.8888416.
dc.relation.references: Pant S., Kumar V. (2018). BitTrusty: A BitCoin incentivized peer-to-peer file sharing system. 2018 IEEE 3rd International Conference on Computing, Communication and Security (ICCCS). pp. 148-155. doi: 10.1109/CCCS.2018.8586835.
dc.relation.references: Prema Arokia Mary, G., Suganthi, N., & Hema, M. S. (2019). A recapitalization on crypto jacking and end to end analysis of ransomware attacks. International Journal of Engineering and Advanced Technology, 8(6 Special Issue 3), 1582-1586. doi:10.35940/ijeat.F1291.0986S319
dc.relation.references: Sanchez Rubio M. (n.d.). Seminario Ciberdelitos UNIR. Not available.
dc.relation.references: Srivasthav D. P., Maddali L. P., Vigneswaran R. (2021). Study of Blockchain Forensics and Analytics tools. 2021 3rd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS). pp. 39-40. doi: 10.1109/BRAINS52497.2021.9569824.
dc.relation.references: Susukailo V., Opirskyy I., Vasylyshyn S. (2020). Analysis of the attack vectors used by threat actors during the pandemic. 2020 IEEE 15th International Conference on Computer Sciences and Information Technologies (CSIT). pp. 261-264. doi: 10.1109/CSIT49958.2020.9321897.
dc.relation.references: Tahir R., Durrani S., Ahmed F., Saeed H., Zaffar F. & Ilyas S. (2019). The Browsers Strike Back: Countering Cryptojacking and Parasitic Miners on the Web. IEEE INFOCOM - IEEE Conference on Computer Communications, Paris, France, 2019, pp. 703-711. doi: 10.1109/INFOCOM.2019.8737360
dc.relation.references: Torre D., Labiche Y., Genero M., Baldassarre M. T., Elaasar M. (2018). UML Diagram Synthesis Techniques: A Systematic Mapping Study. 2018 IEEE/ACM 10th International Workshop on Modeling in Software Engineering (MiSE). pp. 33-40.
dc.relation.references: Yang X., Chen Y., Chen X. (2019). Effective Scheme against 51% Attack on Proof-of-Work Blockchain with History Weighted Information. 2019 IEEE International Conference on Blockchain (Blockchain). pp. 261-265. doi: 10.1109/Blockchain.2019.00041.
dc.relation.references: Yang S., Chen Z., Cui L., Xu M., Ming Z., Xu K. (2019). CoDAG: An Efficient and Compacted DAG-Based Blockchain Protocol. 2019 IEEE International Conference on Blockchain (Blockchain). pp. 314-318. doi: 10.1109/Blockchain.2019.00049.
dc.relation.references: Yin M., Wang Q., Cao M. (2019). An Attack Vector Evaluation Method for Smart City Security Protection. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). pp. 1-7. doi: 10.1109/WiMOB.2019.8923576
dc.rights.accessrights: info:eu-repo/semantics/openAccess
dc.rights.creativecommons: Attribution-NonCommercial-NoDerivs 2.5 Colombia
dc.rights.local: Open (Full Text)
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/2.5/co/
dc.subject.keywords: Systems engineer
dc.subject.keywords: Technological innovations
dc.subject.keywords: Cryptocurrencies
dc.subject.keywords: Attack Vector
dc.subject.keywords: Cryptojacking
dc.subject.keywords: Crypto mining
dc.subject.keywords: Malicious software
dc.subject.keywords: Good practices
dc.subject.keywords: Criptojacking
dc.subject.keywords: Data mining
dc.subject.keywords: Web servers
dc.subject.lemb: Systems engineering
dc.subject.lemb: Technological innovations
dc.subject.lemb: Cryptocurrencies
dc.subject.lemb: Attack vector
dc.subject.lemb: Data mining
dc.subject.lemb: Web servers
dc.subject.proposal: Crypto mining
dc.subject.proposal: Malicious software
dc.subject.proposal: Good practices
dc.title: Análisis descriptivo del vector de ataque del malware Cryptojacking en plataformas Web
dc.title.translated: Descriptive analysis of the malware attack vector Cryptojacking on web platforms
dc.type.coar: http://purl.org/coar/resource_type/c_7a1f
dc.type.coarversion: http://purl.org/coar/version/c_ab4af688f83e57aa
dc.type.driver: info:eu-repo/semantics/bachelorThesis
dc.type.hasversion: info:eu-repo/semantics/acceptedVersion
dc.type.local: Degree project
dc.type.redcol: http://purl.org/redcol/resource_type/TP

Files

Original bundle

Name: 2021_Tesis_Jurado_Quintero_Yaris_Paola.pdf
Size: 1.07 MB
Format: Adobe Portable Document Format
Description: Thesis

Name: 2021_Licencia_Jurado_Quintero_Yaris_Paola.pdf
Size: 358.93 KB
Format: Adobe Portable Document Format
Description: License

License bundle

Name: license.txt
Size: 829 B
Format: Item-specific license agreed upon to submission
Description: