DESIGN AND PRACTICE OF MALICIOUS MINING TRAFFIC RAPID DETECTION FRAMEWORK
Abstract
With the development of the Internet, the amount of malware keeps growing. Among it, malicious mining software exploits system vulnerabilities to mine digital currency and secretly consumes the computing and network resources of the system, which makes it one of the priorities of many groups. To address the problems that current malicious mining behavior is difficult to detect and that detection accuracy is low, this paper designs a new framework for the rapid detection of malicious mining traffic. The framework achieved scalable processing capabilities through clear process combinations, accurate detection capabilities through targeted extraction of mining traffic characteristics and an optimized naive Bayesian algorithm, and highly compatible deployment capabilities through flexible module configuration. This paper analyzed and configured a campus network application environment, and proved through experiments that the framework could quickly and effectively detect encrypted, non-encrypted and IPv6-based mining traffic.