Automated Analysis Approach for the Detection of High Survivable Ransomware

Ahmed, Yunis Ali; Koçer, Barış; Al‐rimy, Bander Ali Saleh

doi:10.3837/tiis.2020.05.021

Cited by 11 publications

(11 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A decision tree is a straightforward structure derived from nonnodes that indicate tests across one or more characteristics and network interface layer that provide decision results. At each node of the logistic regression, the information gain measure is utilized to choose the test attribute [ 28 ]. They obtained the following metric favors characteristics with a high number of possible values.…”

Section: Attribute Extraction Methodsmentioning

confidence: 99%

An Attribute Extraction for Automated Malware Attack Classification and Detection Using Soft Computing Techniques

Albishry

AlGhamdi

Almalawi

et al. 2022

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

Malware has grown in popularity as a method of conducting cyber assaults in former decades as a result of numerous new deception methods employed by malware. To preserve networks, information, and intelligence, malware must be detected as soon as feasible. This article compares various attribute extraction techniques with distinct machine learning algorithms for static malware classification and detection. The findings indicated that merging PCA attribute extraction and SVM classifier results in the highest correct rate with the fewest possible attributes, and this paper discusses sophisticated malware, their detection techniques, and how and where to defend systems and data from malware attacks. Overall, 96% the proposed method determines the malware more accurately than the existing methods.

show abstract

Section: Attribute Extraction Methodsmentioning

confidence: 99%

An Attribute Extraction for Automated Malware Attack Classification and Detection Using Soft Computing Techniques

Albishry

AlGhamdi

Almalawi

et al. 2022

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

show abstract

“…The features were divided into seven subset features (top20, top30, top40, top50, top60, top70, top80) by considering their importance and ranking based on phase 2 processing. The results of the experiment demonstrated that ANN showed the highest accuracy of 98.79% when the top30 of the feature set was used as training and testing [27]. However, this classification accuracy had dramatically decreased to 95.63% when the top20 of the feature set was used.…”

Section: A Behavior Basedmentioning

confidence: 99%

“…These frameworks yield promising results in detection of different types of ransomware and have potentials to be used in future research works by the cyber security community. In what follows, eight state-of-the-art frameworks including Behavior Based [27], DNAact-Ran [28], RANDS [30], RATAFIA [32], RansomWall [33], CryptoKnight [34], EldeRan [35], and DRTHIS [40] will be studied and compared.…”

Section: Ransomware Detection Frameworkmentioning

confidence: 99%

“…A proposed behavior-based framework was built for defining dynamically monitored valuable features of high survivable ransomware (HSR) [27]. The analysis of HSR was conducted within an isolated sandbox environment, through the Term Frequency-Inverse document frequency (TF-IDF).…”

Section: A Behavior Basedmentioning

confidence: 99%

“…The 10-Fold crossvalidation technique can prevent the overfitting problem and estimate the effectiveness of the detection models. The best accuracy obtained by SVM is by presenting 0.982 of area under the curve (AUC) with less than 0.035 of false positive rate [27]. It is important to examine the ability of the classifiers for distinguishing the ransomware from benign samples.…”

Section: A Behavior Basedmentioning

confidence: 99%

See 2 more Smart Citations

Machine Learning Algorithms and Frameworks in Ransomware Detection

2022

View full text Add to dashboard Cite

Ransomware has been one of the biggest cyber threats against consumers in recent years. It can leverage various attack vectors while it also evolves in terms of finding more innovative ways to invade different cyber security systems. There have been many efforts to detect ransomware within the workforce and academia leveraging machine learning algorithms, which has shown promising results. Accordingly, there is a considerably large body of literature addressing various solutions on how ransomware threats can be detected and mitigated. Such large and rapidly growing scientific and technical materials start to make it difficult in knowing the actual ML algorithm(s) being used. Hence, the aim of this paper is to give insight about ransomware detection frameworks and those ML algorithms which are typically being used to extract ever-evolving characteristics of ransomware. In addition, this study will provide the cyber security community with a detailed analysis of those frameworks. This will be augmented with information such as datasets being used along with the challenges that each framework may be faced with in detecting a wide variety of ransomware accurately. To summarize, this paper delivers a comparative study which can be used by peers as a reference for future work in ransomware detection.

show abstract