- February 20, 2018
February 20, 2018 — Rohde & Schwarz Cybersecurity has enhanced its R&SPACE 2 deep packet inspection (DPI) software to include Stratum protocol classification capabilities. The DPI engine can now classify and therefore enable network security solutions to block malicious mining activities.
A new category of cryptocurrency-based cyberattacks that mine cryptocurrencies on the victims PC over the internet are increasing in popularity. Known as drive-by mining and stealth mining, these network-based cryptocurrency attacks use the Stratum network protocol to transfer the results of the malicious mining activities to a mining pool controlled by the attacker.
By embedding the R&S PACE 2 DPI software with Stratum protocol classification capabilities into network security solutions, vendors may enhance their visibility of networks and control over security risks. With this visibility, network security solutions are able to detect symptoms of drive-by crypto and stealth mining attacks and can implement countermeasures such as application control policies or security algorithms based on anomaly detection.
The DPI software library R&S PACE 2 provides detection and classification of thousands of applications and protocols by combining deep packet inspection and behavioral traffic analysis – regardless of whether the protocols use advanced obfuscation, port-hopping techniques or encryption.
Stratum is a mining communication protocol used by blockchain based cryptocurrency systems and enables miners to fetch jobs from mining pool servers.