Security software enhanced with Stratum mining protocol
R&S PACE 2 deep packet inspection (DPI) software from Rohde & Schwarz has been enhanced to include Stratum protocol classification capabilities. The DPI engine can now reliably classify and therefore enable network security solutions to blockmalicious mining activities.
A new category of cryptocurrency-based cyberattacks that mine cryptocurrencies on the victims PC over the internet are increasing in popularity.
Known as drive-by mining and stealth mining, these network-based cryptocurrency attacks use the Stratum network protocol to transfer the results of the malicious mining activities to a mining pool controlled by the attacker.
By embedding the R&S PACE 2 DPI software with Stratum protocol classification capabilities into network security solutions, vendors enhance their visibility of networks and control over security risks.
With this increased visibility network security solutions are able to detect symptoms of drive-by crypto and stealth mining attacks and can implement countermeasures such as application control policies or security algorithms based on anomaly detection.
The DPI software library R&S PACE 2 provides powerful and reliable detection and classification of thousands of applications and protocols by combining deep packet inspection and behavioral traffic analysis -- regardless of whether the protocols use advanced obfuscation, port-hopping techniques or encryption.
"Growth in the cryptocurrency market and availability of mineable coins has led to a rise in malicious mining activity affecting enterprises and private users worldwide. Drive-by and stealth mining are only the tip of the iceberg and we will see more activities in the areas of crypto mining in the years to come," said Alexander Müller, product manager for DPI at Rohde & Schwarz Cybersecurity. "Our high-performance R&S PACE 2 DPI engine when embedded in network security solutions now helps to detect and protect networks from network-based crypto attacks."