Rohde & Schwarz Cybersecurity, a leading IT security company, has enhanced its R&SPACE 2 deep packet inspection (DPI) software to include Stratum protocol classification capabilities. The DPI engine can now reliably classify and therefore enable network security solutions to block malicious mining activities.
A new category of cryptocurrency-based cyberattacks that mine cryptocurrencies on the victims PC over the internet are increasing in popularity. Known as drive-by mining and stealth mining, these network-based cryptocurrency attacks use the Stratum network protocol to transfer the results of the malicious mining activities to a mining pool controlled by the attacker.
By embedding the R&S PACE 2 DPI software with Stratum protocol classification capabilities into network security solutions, vendors enhance their visibility of networks and control over security risks. With this increased visibility network security solutions are able to detect symptoms of drive-by crypto and stealth mining attacks and can implement countermeasures such as application control policies or security algorithms based on anomaly detection.
The DPI software library R&S PACE 2 provides powerful and reliable detection and classification of thousands of applications and protocols by combining deep packet inspection and behavioral traffic analysis – regardless of whether the protocols use advanced obfuscation, port-hopping techniques or encryption.
“Growth in the cryptocurrency market and availability of mineable coins has led to a rise in malicious mining activity affecting enterprises and private users worldwide. Drive-by and stealth mining are only the tip of the iceberg and we will see more activities in the areas of crypto mining in the years to come,” said Alexander Müller, product manager for DPI at Rohde & Schwarz Cybersecurity. “Our high-performance R&S PACE 2 DPI engine when embedded in network security solutions now helps to detect and protect networks from network-based crypto attacks.”
Stratum is a mining communication protocol used by blockchain based cryptocurrency systems and enables miners to reliably and efficiently fetch jobs from mining pool servers. Miners benefit from reduced bandwidth and server load on larger pools.
About Rohde & Schwarz
The Rohde & Schwarz technology group develops, produces and markets innovative information and communications technology products for professional users. Rohde & Schwarz focuses on test and measurement, broadcast and media, cybersecurity, secure communications and monitoring and network testing, areas that address many different industry and government-sector market segments. Founded more than 80 years ago, the independent company has an extensive sales and service network in more than 70 countries. On June 30, 2017, Rohde & Schwarz had approximately 10,500 employees. The group achieved a net revenue of approximately EUR 1.9 billion in the 2016/2017 fiscal year (July to June). The company is headquartered in Munich, Germany, and also has regional hubs in Asia and the USA.
R&S ® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.