Journal Article, DOI: 10.1002/CPE.5422
Ransomware detection using machine learning algorithms
121
TL;DR: A ransomware detection method that can distinguish between ransomware and benign files as well as between ransomware and malware is proposed, and the experimental results show that the proposed method can detect ransomware among malware and benign files.
Abstract: The number of ransomware variants has increased rapidly every year, and ransomware needs to be distinguished from the other types of malware to protect users' machines from ransomware‐based attacks. Ransomware is similar to other types of malware in some aspects, but other characteristics are clearly different. For example, ransomware generally conducts a large number of file‐related operations in a short period of time to lock or to encrypt files of a victim's machine. The signature‐based malware detection methods, which have difficulties to detect zero‐day ransomware, are not suitable to protect users' files against the attacks caused by risky unknown ransomware. Therefore, a new protection mechanism specialized for ransomware is needed, and the mechanism should focus on ransomware‐specific operations to distinguish ransomware from other types of malware as well as benign files. This paper proposes a ransomware detection method that can distinguish between ransomware and benign files as well as between ransomware and malware. The experimental results show that our proposed method can detect ransomware among malware and benign files.
Citations
•Posted Content
A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions.
TL;DR: A comprehensive survey on ransomware and ransomware defense research with respect to PCs/workstations, mobile devices, and IoT/CPS platforms over the period of 1990-2020 is presented, giving a detailed overview of ransomware evolution and comprehensively analyzing the key building blocks of ransomware.
196
Ransomware: Recent advances, analysis, challenges and future research directions.
TL;DR: In this paper, the authors explored recent advances in ransomware prevention and detection and highlighted future research challenges and directions. They also carried out an analysis of a few popular ransomware samples and developed AESthetic, which was able to evade detection by eight popular antivirus programs.
125
A Study on the Evolution of Ransomware Detection Using Machine Learning and Deep Learning Techniques
Damien Warren Fernando, Nikos Komninos, Thomas M. Chen
- 15 Dec 2020
TL;DR: The main motivations for this study are the destructive nature of ransomware, the difficulty of reversing a ransomware infection, and how important it is to detect it before infecting a system.
66
Dynamic Feature Dataset for Ransomware Detection Using Machine Learning Algorithms
TL;DR: In this paper, the authors apply dynamic analysis and machine learning to identify the ever-evolving ransomware signatures using selected dynamic features, which can be used for detecting current and even new variants of the threat.
Detecting ransomware attacks using intelligent algorithms: recent development and next direction from deep learning and big data perspectives
Ibrahim Bello, Haruna Chiroma, Usman Ali Abdullahi, Abdulsalam Ya'u Gital, Fatsuma Jauro, Abdullah Khan, Julius Olatunji Okesola, Shafi’i Muhammad Abdulhamid
TL;DR: The survey shows that there has been growing interest in recent times in the application of intelligent algorithms for ransomware detection, and future research opportunities from the perspective of deep learning and big data analytics to solve the challenges identified from the survey are outlined.
50
References
•Journal Article
Scikit-learn: Machine Learning in Python
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Edouard Duchesnay
TL;DR: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems, focusing on bringing machine learning to non-specialists using a general-purpose high-level language.
•Posted Content
Scikit-learn: Machine Learning in Python
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Andreas Müller, Joel Nothman, Gilles Louppe, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Edouard Duchesnay
TL;DR: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems.
28.9K
•Proceedings Article
A study of cross-validation and bootstrap for accuracy estimation and model selection
Ron Kohavi
- 20 Aug 1995
TL;DR: The results indicate that for real-world datasets similar to the authors', the best method to use for model selection is ten-fold stratified cross-validation, even if computation power allows using more folds.
CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data
Nolen Scaife, Henry Carter, Patrick Traynor, Kevin R. B. Butler
- 27 Jun 2016
TL;DR: CryptoDrop is presented, an early-warning detection system that alerts a user during suspicious file activity that significantly mitigates the amount of victim data loss and can be parameterized for rapid detection with low false positives.
511
•Proceedings Article
UNVEIL: a large-scale, automated approach to detecting ransomware
Amin Kharraz, Sajjad Arshad, Collin Mulliner, William Robertson, Engin Kirda
- 10 Aug 2016
TL;DR: The evaluation shows that UNVEIL significantly improves the state of the art, and is able to identify previously unknown evasive ransomware that was not detected by the antimalware industry.