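Abstract (translation):
In this paper, we examine the recent trend of mining cryptocurrencies in the browser, in particular mining Monero through Coinhive and similar codebases. In this model, a user visiting a website downloads JavaScript code that executes client-side in their browser, mines a cryptocurrency, typically without their consent or knowledge, and pays the seigniorage to the website. Websites may knowingly use this as an alternative or supplement to advertising revenue, may offer premium content in exchange for mining, or may be unwittingly serving the code as the result of a breach (in which case the seigniorage is collected by the attacker). Monero appears to be favored because it is unfriendly to large-scale ASIC mining, which would drive browser-based efforts out of the market, and also because of its purported privacy features. In this paper, we survey this landscape, conduct some measurements to determine its prevalence and profitability, outline an ethical framework for considering whether it should be classified as an attack or a business opportunity, and make suggestions for detecting, mitigating and/or preventing browser-based mining for non-consenting users.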
---
English title:
A first look at browser-based Cryptojacking
---
Authors:
Shayan Eskandari, Andreas Leoutsarakos, Troy Mursch, Jeremy Clark
---
Latest submission year:
2018
---
Classification:
Primary category: Computer Science
Secondary category: Cryptography and Security
Category description: Covers all areas of cryptography and security including authentication, public key cryptosystems, proof-carrying code, etc. Roughly includes material in ACM Subject Classes D.4.6 and E.3.
--
Primary category: Computer Science
Secondary category: Computers and Society
Category description: Covers impact of computers on society, computer ethics, information technology and public policy, legal aspects of computing, computers and education. Roughly includes material in ACM Subject Classes K.0, K.2, K.3, K.4, K.5, and K.7.
--
Primary category: Computer Science
Secondary category: Human-Computer Interaction
Category description: Covers human factors, user interfaces, and collaborative computing. Roughly includes material in ACM Subject Classes H.1.2 and all of H.5, except for H.5.1, which is more likely to have Multimedia as the primary subject area.
--
Primary category: Economics
Secondary category: Econometrics
Category description: Econometric Theory, Micro-Econometrics, Macro-Econometrics, Empirical Content of Economic Relations discovered via New Methods, Methodological Aspects of the Application of Statistical Inference to Economic Data.
--
---
English abstract:
In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code-bases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency, typically without her consent or knowledge, and pays out the seigniorage to the website. Websites may consciously employ this as an alternative or to supplement advertisement revenue, may offer premium content in exchange for mining, or may be unwittingly serving the code as a result of a breach (in which case the seigniorage is collected by the attacker). The cryptocurrency Monero is preferred seemingly for its unfriendliness to large-scale ASIC mining that would drive browser-based efforts out of the market, as well as for its purported privacy features. In this paper, we survey this landscape, conduct some measurements to establish its prevalence and profitability, outline an ethical framework for considering whether it should be classified as an attack or business opportunity, and make suggestions for the detection, mitigation and/or prevention of browser-based mining for non-consenting users.
---
PDF link:
https://arxiv.org/pdf/1803.02887