A Survey on Visualization-Based Malware Detection

Moawad, Ahmad; Ebada, Ahmed Ismail; Al-Zoghby, Aya M.

doi:10.32604/jcs.2022.033537

Cited by 4 publications

(3 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This provides a more holistic insight into the behavior of ransomware. The importance of utilizing AI methods, particularly ML and deep learning, for detecting and preventing the spread of malware threats was emphasized by [25]. While this approach acknowledges the significance of analysis processes in identifying malware patterns, the RFSA contributes by integrating financial aspects into the evaluation of ransomware.…”

Section: Comparative Analysis Of Existing Studiesmentioning

confidence: 99%

“…While this approach acknowledges the significance of analysis processes in identifying malware patterns, the RFSA contributes by integrating financial aspects into the evaluation of ransomware. The primary focus of [25] is on the broader context of malware types, binary executables, analysis methods, and AI applications.…”

Section: Comparative Analysis Of Existing Studiesmentioning

confidence: 99%

See 1 more Smart Citation

RFSA: A Ransomware Feature Selection Algorithm for Multivariate Analysis of Malware Behavior in Cryptocurrency

Nkongolo Wa Nkongolo

2024

IJCDS

View full text Add to dashboard Cite

This research introduces innovative features tailored to capture distinctive characteristics of ransomware activity within the cryptocurrency ecosystem. The study employs a multifaceted analysis to delve into ransomware-related data encompassing transaction metadata, ransom analysis, behavioral patterns, and financial aspects. A feature selection algorithm is explored to discern ransomware transactions in Bitcoin (BTC) and the United States Dollar (USD) using the UGRansome dataset. This comprehensive dataset of ransomware-related transactions facilitates the proposal of novel features designed to capture the unique traits of ransomware activity. The correlation matrix and temporal analysis of these features contribute to a nuanced understanding of the dynamic nature of ransomware threats. The research presents the Ransomware Feature Selection Algorithm (RFSA) based on Gini Impurity and Mutual Information (MI) to effectively select crucial ransomware features. Evaluation metrics such as precision, recall, accuracy, and F1 score highlight the effectiveness of the RFSA. The analysis reveals that approximately 68% of ransomware incidents involve BTC transactions ranging from 1.46 to 2.56, with an average of 2.01 BTC transactions per attack. Moreover, ransomware causes financial damages ranging from 4.38 to 172.36 USD, with an average damage of 88.37 USD. The RFSA identifies 17 ransomware types and their associated malware to shed light on their characteristics. The study investigates the pricing of ransomware and reveals that TowerWeb is associated with the highest fee, amounting to 135.26 BTC, while CryptoLocker has the lowest fee, recorded at 10.51 BTC. Additionally, the impact of ransomware duration on financial gains and network flow is investigated, disclosing a correlation between extended duration and higher financial gains. The research achieves outstanding performance metrics, including an MI score of 95%, accuracy of 93%, recall of 92%, and precision of 89%. These results showcase the superiority of the proposed approach over existing studies, emphasizing the dynamic and adaptable nature of ransomware demands. The findings suggest that there is no fixed amount for specific cyberattacks. This underscores the importance of adapting to the evolving landscape of ransomware threats.

show abstract

Section: Comparative Analysis Of Existing Studiesmentioning

confidence: 99%

Section: Comparative Analysis Of Existing Studiesmentioning

confidence: 99%

RFSA: A Ransomware Feature Selection Algorithm for Multivariate Analysis of Malware Behavior in Cryptocurrency

Nkongolo Wa Nkongolo

2024

IJCDS

View full text Add to dashboard Cite

show abstract

“…ontemporary malware detection methodologies are grounded on various metrics. However, considering the incessantly evolving nature of malware, there's a growing demand for reducing malware detection time in order to minimize system complexities and cyberattack damages [1]. Given that these metrics alone are insufficient, a novel approach is deemed necessary.This research proposes a new malware detection method combining multidimensional evaluation functions and the exploitation of energy harvesting technologies.…”

Section: Introductionmentioning

confidence: 99%

Application and optimization of multidimensional evaluation functions for faster malware detection

Tanaka,

CHIKARAISHI,

Tanaka

et al. 2023

Preprint

View full text Add to dashboard Cite

<p>This research proposes a new malware detection technique using a multi-dimensional evaluation function, which comprehensively assesses multiple indicators such as power consumption, network traffic, and CPU usage. This method enables the rapid scoring of malware risks and prioritizes the detection of malware that presents a risk score above a certain threshold. Moreover, this technique surpasses the detection speed of existing security software and provides flexibility by utilizing machine learning to adapt to new patterns and behaviors of malware. These characteristics are expected to significantly improve the efficiency and accuracy of malware detection.</p>

show abstract