MineShark: Cryptomining Traffic Detection at Scale
Shaoke Xi
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Network Security 1
This talk introduces **MineShark**, an innovative online detection system designed to combat **cryptojacking** attacks by identifying cryptomining traffic at scale. Presented by Shaoke Xi, MineShark addresses critical limitations of existing network intrusion detection systems (NIDS) and machine learning (ML) models in handling high-speed network traffic and reducing an overwhelming number of false alarms. Cryptojacking, the unauthorized use of computational power for cryptocurrency mining, poses a significant threat to organizational infrastructure, leading to increased resource consumption, degraded service performance, and potential financial losses.
AI review
MineShark is competent, well-scoped systems research that solves a real operational problem — ML inference throughput and false alarm volume at line rate. The 10-month campus deployment with measurable lead times over VirusTotal is the strongest card it plays. Not groundbreaking, but honest work done properly.