A Proactive Approach for Detecting Ransomware based on Hidden Markov Model (HMM)

Saleh, Mohammed A.

doi:10.20533/ijicr.2042.4655.2019.0122

Cited by 6 publications

(7 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The inadequacy of these measures is partly due to the dynamic and adaptive nature of ransomware attacks, which are becoming increasingly complex and difficult to detect and mitigate with static defense mechanisms [2,29]. As such, there is a growing recognition of the need for more proactive and innovative approaches to ransomware and malware defense [23,27,30,31].…”

Section: History Of Ransomware: Evolution and Current Mitigation Chal...mentioning

confidence: 99%

Using Large Language Models to Mitigate Ransomware Threats

Wang

2023

Preprint

View full text Add to dashboard Cite

This paper explores the application of Large Language Models (LLMs), such as GPT-3 and GPT-4, in generating cybersecurity policies and strategies to mitigate ransomware threats, including data theft ransomware. We discuss the strengths and limitations of LLMs for ransomware defense and provide recommendations for effectively leveraging LLMs while ensuring ethical compliance. The key contributions include a quantitative evaluation of LLM-generated policies, an examination of the legal and ethical implications, and an analysis of how LLMs can enhance ransomware resilience when applied judiciously.

show abstract

Section: History Of Ransomware: Evolution and Current Mitigation Chal...mentioning

confidence: 99%

Using Large Language Models to Mitigate Ransomware Threats

Wang

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Instruction opcode sequences of binaries were used by [37,152,200,201] to build ML classiiers for ransomware detection. Opcode n-grams were used by Zhang et al [200] to build a Deep Neural Network (DNN)-based classiier and by Xiao et al [201] to build various ML classiiers.…”

Section: Ransomware Detection For Pcs/worktationsmentioning

confidence: 99%

“…Opcode n-grams were used by Zhang et al [200] to build a Deep Neural Network (DNN)-based classiier and by Xiao et al [201] to build various ML classiiers. While opcodes of various instructions (i.e., data process, arithmetic, logic, and control low) were used to build a Hidden Markov Model (HMM) by Saleh et al [152], opcode densities were used by Baldwin et al [37] to build a Support Vector Machine (SVM) classiier for ransomware detection.…”

Section: Ransomware Detection For Pcs/worktationsmentioning

confidence: 99%

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

et al. 2022

View full text Add to dashboard Cite

In recent years, ransomware has been one of the most notorious malware targeting end-users, governments, and business organizations. It has become a very profitable business for cybercriminals with revenues of millions of dollars, and a very serious threat to organizations with financial loss of billions of dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, is becoming more prevalent in mobile devices, and has already hit IoT/CPS recently, and will likely grow further in the IoT/CPS domain very soon, understanding ransomware and analyzing defense mechanisms with respect to target platforms is becoming more imperative. In order to fill this gap and motivate further research, in this paper, we present a comprehensive survey on ransomware and ransomware defense research with respect to PCs/workstations, mobile devices, and IoT/CPS platforms. Specifically, covering 137 studies over the period of 1990-2020, we give a detailed overview of ransomware evolution, comprehensively analyze the key building blocks of ransomware, present a taxonomy of notable ransomware families, and provide an extensive overview of ransomware defense research (i.e., analysis, detection, and recovery) with respect to platforms of PCs/workstations, mobile devices, and IoT/CPS. Moreover, we derive an extensive list of open issues for future ransomware research. We believe this survey will motivate further research by giving a complete picture on state-of-the-art ransomware research.

show abstract

“…Instruction opcode sequences of binaries were used by [37,149,196,197] to build ML classifiers for ransomware detection. Opcode n-grams were used by Zhang et al [196] to build a Deep Neural Network (DNN)-based classifier and by Xiao et al [197] to build various ML classifiers.…”

Section: Ransomware Detection For Pcs/worktationsmentioning

confidence: 99%

“…Opcode n-grams were used by Zhang et al [196] to build a Deep Neural Network (DNN)-based classifier and by Xiao et al [197] to build various ML classifiers. While opcodes of various instructions (i.e., data process, arithmetic, logic, and control flow) were used to build a Hidden Markov Model (HMM) by Saleh et al [149], opcode densities were used by Baldwin et al [37] to build a Support Vector Machine (SVM) classifier for ransomware detection.…”

Section: Ransomware Detection For Pcs/worktationsmentioning

confidence: 99%

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

Oz,

Aris,

Levi

et al. 2021

Preprint

View full text Add to dashboard Cite

In recent years, ransomware has been one of the most notorious malware targeting end users, governments, and business organizations. It has become a very profitable business for cybercriminals with revenues of millions of dollars, and a very serious threat to organizations with financial loss of billions of dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, is becoming more prevalent in mobile devices, and has already hit IoT/CPS recently, and will likely grow further in the IoT/CPS domain very soon, understanding ransomware and analyzing defense mechanisms with respect to target platforms is becoming more imperative. In order to fill this gap and motivate further research, in this paper, we present a comprehensive survey on ransomware and ransomware defense research with respect to PCs/workstations, mobile devices, and IoT/CPS platforms. Specifically, covering 137 studies over the period of 1990-2020, we give a detailed overview of ransomware evolution, comprehensively analyze the key building blocks of ransomware, present a taxonomy of notable ransomware families, and provide an extensive overview of ransomware defense research (i.e., analysis, detection, and recovery) with respect to platforms of PCs/workstations, mobile devices, and IoT/CPS. Moreover, we derive an extensive list of open issues for future ransomware research. We believe this survey will motivate further research by giving a complete picture on state-of-the-art ransomware research. CCS Concepts: • Security and privacy → Malware and its mitigation.

show abstract

A Proactive Approach for Detecting Ransomware based on Hidden Markov Model (HMM)

Cited by 6 publications

References 17 publications

Using Large Language Models to Mitigate Ransomware Threats

Using Large Language Models to Mitigate Ransomware Threats

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

Contact Info

Product

Resources

About