{"id":"https://openalex.org/W2897385569","doi":"https://doi.org/10.1145/3243734.3243840","title":"How You Get Shot in the Back","display_name":"How You Get Shot in the Back","publication_year":2018,"publication_date":"2018-10-15","ids":{"openalex":"https://openalex.org/W2897385569","doi":"https://doi.org/10.1145/3243734.3243840","mag":"2897385569"},"language":"en","primary_location":{"id":"doi:10.1145/3243734.3243840","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243840","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054807919","display_name":"Geng Hong","orcid":"https://orcid.org/0000-0003-1811-9432"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Geng Hong","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101856258","display_name":"Zhemin Yang","orcid":"https://orcid.org/0000-0002-1854-639X"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhemin Yang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110349146","display_name":"Sen Yang","orcid":null},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sen Yang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100433828","display_name":"Lei Zhang","orcid":"https://orcid.org/0000-0001-7242-5292"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lei Zhang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065097911","display_name":"Yuhong Nan","orcid":"https://orcid.org/0000-0001-9597-9888"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuhong Nan","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100433028","display_name":"Zhibo Zhang","orcid":"https://orcid.org/0000-0003-4694-8940"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhibo Zhang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052437722","display_name":"Min Yang","orcid":"https://orcid.org/0000-0001-9714-5545"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Min Yang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100368650","display_name":"Yuan Zhang","orcid":"https://orcid.org/0000-0001-5538-1478"},"institutions":[{"id":"https://openalex.org/I24943067","display_name":"Fudan University","ror":"https://ror.org/013q1eq08","country_code":"CN","type":"education","lineage":["https://openalex.org/I24943067"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuan Zhang","raw_affiliation_strings":["Fudan University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"Fudan University, Shanghai, China","institution_ids":["https://openalex.org/I24943067"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022038961","display_name":"Zhiyun Qian","orcid":"https://orcid.org/0000-0003-1506-2522"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiyun Qian","raw_affiliation_strings":["University of California Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067799841","display_name":"Haixin Duan","orcid":"https://orcid.org/0000-0003-0083-733X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haixin Duan","raw_affiliation_strings":["Tsinghua University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5054807919"],"corresponding_institution_ids":["https://openalex.org/I24943067"],"apc_list":null,"apc_paid":null,"fwci":9.79,"has_fulltext":false,"cited_by_count":114,"citation_normalized_percentile":{"value":0.9864909,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1701","last_page":"1713"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8689513206481934},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.748866856098175},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.6878716349601746},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6612861752510071},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.6197538375854492},{"id":"https://openalex.org/keywords/obfuscation","display_name":"Obfuscation","score":0.5596809387207031},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.5292598009109497},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.5206650495529175},{"id":"https://openalex.org/keywords/cryptocurrency","display_name":"Cryptocurrency","score":0.5084235072135925},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4713194966316223},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.46360811591148376},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.44615229964256287},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.2906479239463806},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.17192092537879944},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11532554030418396}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8689513206481934},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.748866856098175},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.6878716349601746},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6612861752510071},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.6197538375854492},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.5596809387207031},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.5292598009109497},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.5206650495529175},{"id":"https://openalex.org/C180706569","wikidata":"https://www.wikidata.org/wiki/Q13479982","display_name":"Cryptocurrency","level":2,"score":0.5084235072135925},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4713194966316223},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.46360811591148376},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.44615229964256287},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.2906479239463806},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.17192092537879944},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11532554030418396},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3243734.3243840","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243840","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:digitalcommons.fiu.edu:srhreports-3162","is_oa":false,"landing_page_url":"https://digitalcommons.fiu.edu/srhreports/cybersecurity/2023/64","pdf_url":null,"source":{"id":"https://openalex.org/S4306401637","display_name":"Florida International University Digital Commons (Florida International University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I19700959","host_organization_name":"Florida International University","host_organization_lineage":["https://openalex.org/I19700959"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Security Research Hub Reports","raw_type":"text"},{"id":"pmh:oai:digitalcommons.fiu.edu:srhreports-3633","is_oa":false,"landing_page_url":"https://digitalcommons.fiu.edu/srhreports/cybersecurity/cybersecurity/98","pdf_url":null,"source":{"id":"https://openalex.org/S4306401637","display_name":"Florida International University Digital Commons (Florida International University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I19700959","host_organization_name":"Florida International University","host_organization_lineage":["https://openalex.org/I19700959"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Security Research Hub Reports","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6399999856948853,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W58852127","https://openalex.org/W74184291","https://openalex.org/W1644589732","https://openalex.org/W1970867218","https://openalex.org/W1988699025","https://openalex.org/W2012286502","https://openalex.org/W2503779953","https://openalex.org/W2762598207","https://openalex.org/W2886706106","https://openalex.org/W2963517786","https://openalex.org/W2963603877"],"related_works":["https://openalex.org/W3102852402","https://openalex.org/W2907490423","https://openalex.org/W4287664162","https://openalex.org/W3087706721","https://openalex.org/W4286587341","https://openalex.org/W3025127859","https://openalex.org/W2803161327","https://openalex.org/W2026054276","https://openalex.org/W182825117","https://openalex.org/W2171726649"],"abstract_inverted_index":{"As":[0],"a":[1,18,54,71,106,115,126,137,181,202],"new":[2,46],"mechanism":[3],"to":[4,32,60,96,102,197,218],"monetize":[5],"web":[6,65,166],"content,":[7],"cryptocurrency":[8],"mining":[9],"is":[10,16,58,80,93],"becoming":[11],"increasingly":[12],"popular.":[13],"The":[14],"idea":[15],"simple:":[17],"webpage":[19],"delivers":[20],"extra":[21],"workload":[22],"(JavaScript)":[23],"that":[24],"consumes":[25],"computational":[26],"resources":[27],"on":[28,211,230],"the":[29,90,97,186,212,221,231,243,247],"client":[30],"machine":[31],"solve":[33],"cryptographic":[34],"puzzles,":[35],"typically":[36],"without":[37],"notifying":[38],"users":[39,66],"or":[40],"having":[41],"explicit":[42],"user":[43],"consent.":[44],"This":[45,92],"mechanism,":[47],"often":[48],"heavily":[49],"abused":[50],"and":[51,78,86,150,195],"thus":[52],"considered":[53],"threat":[55],"termed":[56],"\"cryptojacking\",":[57],"estimated":[59],"affect":[61],"over":[62,122],"10":[63],"million":[64],"every":[67],"month;":[68],"however,":[69],"only":[70],"few":[72],"anecdotal":[73],"reports":[74],"exist":[75],"so":[76],"far":[77],"little":[79],"known":[81],"about":[82],"its":[83],"severeness,":[84],"infrastructure,":[85],"technical":[87],"characteristics":[88,130],"behind":[89],"scene.":[91],"likely":[94],"due":[95],"lack":[98],"of":[99,128,131,185,205,233],"effective":[100],"approaches":[101],"detect":[103],"cryptojacking":[104,132,161,187,209],"at":[105],"large-scale":[107],"(e.g.,":[108],"VirusTotal).":[109],"In":[110,216],"this":[111],"paper,":[112],"we":[113,134,179],"take":[114],"first":[116],"step":[117],"towards":[118],"an":[119],"in-depth":[120],"study":[121],"cryptojacking.":[123],"By":[124],"leveraging":[125],"set":[127,204],"inherent":[129],"scripts,":[133],"build":[135],"CMTracker,":[136],"behavior-based":[138],"detector":[139],"with":[140],"two":[141],"runtime":[142],"profilers":[143],"for":[144],"automatically":[145],"tracking":[146],"Cryptocurrency":[147],"Mining":[148],"scripts":[149],"their":[151,190,226],"related":[152],"domains.":[153],"Surprisingly,":[154],"our":[155],"approach":[156],"successfully":[157],"discovered":[158],"2,770":[159],"unique":[160,213],"samples":[162],"from":[163,208],"853,936":[164],"popular":[165],"pages,":[167],"including":[168,189,241],"868":[169],"among":[170],"top":[171],"100K":[172],"in":[173],"Alexa":[174],"list.":[175],"Leveraging":[176],"these":[177],"samples,":[178],"gain":[180],"more":[182],"comprehensive":[183],"picture":[184],"attacks,":[188],"impact,":[191],"distribution":[192],"mechanisms,":[193],"obfuscation,":[194],"attempts":[196],"evade":[198],"detection.":[199],"For":[200],"instance,":[201],"diverse":[203],"organizations":[206],"benefit":[207],"based":[210],"wallet":[214],"ids.":[215],"addition,":[217],"stay":[219],"under":[220],"radar,":[222],"they":[223],"frequently":[224],"update":[225],"attack":[227],"domains":[228],"(fastflux)":[229],"order":[232],"days.":[234],"Many":[235],"attackers":[236],"also":[237],"apply":[238],"evasion":[239],"techniques,":[240],"limiting":[242],"CPU":[244],"usage,":[245],"obfuscating":[246],"code,":[248],"etc.":[249]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":15},{"year":2022,"cited_by_count":26},{"year":2021,"cited_by_count":17},{"year":2020,"cited_by_count":17},{"year":2019,"cited_by_count":25}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2018-10-26T00:00:00"}