Dual Generative Adversarial Networks Based Unknown Encryption Ransomware Attack Detection

Zhang, Xueqin; Wang, Jiyuan; Zhu, Shinan

doi:10.1109/access.2021.3128024

Cited by 19 publications

(17 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This initiative provides free decryption tools and supplementary sources of information to ransomware victims to decrypt their files without having to pay a ransom to cybercriminals [28]. The NMR project website hosted at nomoreransom.org is currently sustained by 188 partners worldwide and provides over 100 decryptors that assist victims with 165 different types of ransomware variants to restore their encrypted data and recover their files [29,30]. The Crypto Sheriff tool is available on the NMR website and is intended to help victims of ransomware discover a free decryptor.…”

Section: Discussionmentioning

confidence: 99%

The Ransomware Epidemic: Recent Cybersecurity Incidents Demystified

Temara

2024

AJARR

View full text Add to dashboard Cite

The pervasive threat of ransomware poses a significant risk to businesses across various scales as cybercriminals continue to exploit vulnerabilities causing severe disruptions and demanding substantial ransom payments. This review conducts a comprehensive literature review delving into recent ransomware attacks to analyze key aspects, including the targeted organizations, attack vectors, threat actors, propagation mechanisms, and the resulting business impact. The study goes beyond a surface examination by exploring the evolving nature of ransomware attacks, encompassing different types, attack vectors, and emerging tactics, such as double extortion, where cybercriminals not only encrypt data but also exfiltrate and threaten to release it publicly unless a ransom is paid. High-profile incidents, including those involving SickKids Hospital, Royal Mail, Dish Network, Five Guys, and ION are scrutinized to glean insights into the intricacies of these attacks. The review also evaluates the effectiveness of existing ransomware defenses and proposes potential strategies for organizations to counteract, identify, and manage ransomware incidents. The findings underscore the critical need for organizations to comprehend the evolving ransomware landscape and implement robust cybersecurity measures to protect both internal and external stakeholders. As ransomware continues to evolve in complexity, this study provides valuable insights emphasizing the importance of proactive defenses to mitigate the risks posed by this growing threat.

show abstract

Section: Discussionmentioning

confidence: 99%

The Ransomware Epidemic: Recent Cybersecurity Incidents Demystified

Temara

2024

AJARR

View full text Add to dashboard Cite

show abstract

“…A different strategy involves detecting ransomware activity before or during transmission before its payload runs on the host. Numerous authors have effectively showcased the success of this approach [74]- [79]. Liu and Patras [74] identify ransomware while it seeks new victims on the network via Server Message Block (SMB) protocol requests on port 445.…”

Section: ) Detection During Deliverymentioning

confidence: 99%

“…GANs are designed to generate new data instances resembling a given dataset, proving highly valuable in adversarial learning tasks, such as creating scenarios for zero-day attacks where relevant data may be scarce. Several studies in the literature have employed GANs to generate synthetic datasets [79], [118], augmenting real attack patterns due to the evolving nature of ransomware and the custom tactics involved in zero-day attacks. However, despite the recent emphasis on deep learning techniques, it's noteworthy that these approaches tend to be resource-intensive and time-consuming.…”

Section: B: Deep Learning Techniquesmentioning

confidence: 99%

Ransomware Detection Using Machine Learning: A Review, Research Limitations and Future Directions

Ispahany,

Islam,

Islam

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Ransomware attacks are on the rise in terms of both frequency and impact. The shift to remote work due to the COVID-19 pandemic has led more people to work online, prompting companies to adapt quickly. Unfortunately, this increased online activity has provided cybercriminals numerous opportunities to carry out devastating attacks. One recent method employed by malicious actors involves infecting corporate networks with ransomware to extract millions of dollars in profits. Ransomware falls into the category of malware. It works by encrypting sensitive data and demanding payments from victims to receive the encryption keys necessary for decrypting their data. The prevalence of this type of attack has prompted governments and organisations worldwide to intensify their efforts to combat ransomware. In response, the research community has also focused on ransomware detection, leveraging technologies such as machine learning. Despite this increased attention, practical solutions for real-world applications remain scarce in the existing literature. Numerous surveys have explored literature within the domain. Still, there is a notable lack of emphasis on the design of ransomware detection systems and the practical aspects of detection, including real-time and early detection. Against this backdrop, our review delves into the existing literature on ransomware detection, specifically examining the machine-learning techniques, detection approaches, and designs employed. Finally, we highlight the limitations of prior studies and propose future research directions in this crucial area.

show abstract

“…The authors showed that their approach can be an effective tool for detecting infection in organizational virtual machines. Zhang et al [31] built a model called PreD for binary classification based on Convolutional Neural Networks. In order to improve the performance of their model, a transfer learning mechanism was employed.…”

Section: C: Other Platformsmentioning

confidence: 99%

The Age of Ransomware: A Survey on the Evolution, Taxonomy, and Research Directions

et al. 2023

View full text Add to dashboard Cite

The proliferation of ransomware has become a significant threat to cybersecurity in recent years, causing significant financial, reputational, and operational damage to individuals and organizations. This paper aims to provide a comprehensive overview of the evolution of ransomware, its taxonomy, and its state-of-the-art research contributions. We begin by tracing the origins of ransomware and its evolution over time, highlighting the key milestones and major trends. Next, we propose a taxonomy of ransomware that categorizes different types of ransomware based on their characteristics and behavior. Subsequently, we review the existing research over several years in regard to detection, prevention, mitigation, and prediction techniques. Our extensive analysis, based on more than 150 references, has revealed that significant research, specifically 72.8%, has focused on detecting ransomware. However, a lack of emphasis has been placed on predicting ransomware. Additionally, of the studies focused on ransomware detection, a significant portion, 70%, have utilized machine learning methods. We further discuss the challenges found such as the ones related to obtaining ransomware datasets. In addition, our study uncovers a range of shortcomings in research pertaining to real-time protection and identifying zero-day ransomware. Adversarial machine learning exploitation has been identified as an under-researched area in the field. This survey is a constructive roadmap for researchers interested in ransomware research matters.

show abstract

Dual Generative Adversarial Networks Based Unknown Encryption Ransomware Attack Detection

Cited by 19 publications

References 25 publications

The Ransomware Epidemic: Recent Cybersecurity Incidents Demystified

The Ransomware Epidemic: Recent Cybersecurity Incidents Demystified

Ransomware Detection Using Machine Learning: A Review, Research Limitations and Future Directions

The Age of Ransomware: A Survey on the Evolution, Taxonomy, and Research Directions

Contact Info

Product

Resources

About