Machine Learning and Feature Selection Based Ransomware Detection Using Hexacodes

Reddy, Bheemidi Vikram; Krishna, Gutha Jaya; Ravi, Vadlamani; Dasgupta, Dipankar

doi:10.1007/978-981-15-5788-0_56

Cited by 13 publications

(25 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The field of ransomware detection has seen significant advancements, with a variety of methodologies being developed and refined [26], [27]. Initially, the focus was predominantly on signature-based detection, a method that relies on identifying known ransomware signatures [3].…”

Section: A Ransomware Detection Methodologiesmentioning

confidence: 99%

Evaluating Large Language Models in Ransomware Negotiation: A Comparative Analysis of ChatGPT and Claude

Kumamoto,

Yoshida,

Fujima

2023

Preprint

View full text Add to dashboard Cite

This study presents a comprehensive analysis of the application of Large Language Models (LLMs), specifically ChatGPT and Claude, in the context of ransomware negotiation. Ransomware, an increasingly prevalent and sophisticated cyber threat, necessitates innovative response strategies. This study examines the capabilities of these LLMs in simulating human-like negotiation tactics against ransomware attacks, focusing on two main types: cryptographic and data exfiltration ransomware. Through a series of controlled simulations, the efficacy of ChatGPT and Claude in understanding complex language constructs, formulating negotiation strategies, and their adaptability to varying ransomware scenarios is evaluated. The research highlights the strengths of these models in response accuracy, adaptability, and psychological manipulation resistance. However, it also reveals their susceptibility to producing hallucinations — instances of unrealistic or inaccurate responses. The study contributes to the understanding of AI's potential in cybersecurity, emphasizing the need for improvements in AI reliability, ethical considerations, and the integration of human oversight. The findings suggest that while LLMs hold promising potential in enhancing cyber defense mechanisms, their deployment in high-stakes scenarios like ransomware negotiations must be approached with caution and continuous oversight.

show abstract

Section: A Ransomware Detection Methodologiesmentioning

confidence: 99%

Evaluating Large Language Models in Ransomware Negotiation: A Comparative Analysis of ChatGPT and Claude

Kumamoto,

Yoshida,

Fujima

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…This segment of the discussion centers around the incorporation of artificial intelligence in the realm of ransomware threat identification, with a special focus on identifying zero-day ransomware assaults and emerging variants, which involves delving into the development of models based on deep learning for the detection of ransomware, paying special attention to unsupervised methods of extracting features and the application of ensemble classifiers that are sensitive to the cost implications of false classifications [17], [5]. These models' proficiency in countering zero-day incursions, along with their capacity to expedite the identification of such threats, is a topic of particular interest [21], [7].…”

Section: B Ai-powered Ransomware Detection Techniquesmentioning

confidence: 99%

“…A key area of discussion is the role AI plays in refining the process of victim selection, enabling attackers to tailor their strategies to target individuals or organizations with precision [23], [17]. The capacity of AI to customize attack payloads for each victim, thereby enhancing the efficacy of the assault, is a significant aspect of this exploration [13].…”

Section: Ai In Ransomware Attack Strategies and Communication Analysismentioning

confidence: 99%

Using ChatGPT to Analyze Ransomware Messages and to Predict Ransomware Threats

Fujima,

Kumamoto,

Yoshida

2023

Preprint

View full text Add to dashboard Cite

This study looked into the complex landscape of ransomware communications, utilizing advanced language models like ChatGPT to analyze ransomware messages. The research focused on identifying and interpreting the linguistic and strategic elements embedded in these communications. Key findings revealed a significant evolution in ransomware tactics, marked by sophisticated linguistic patterns and psychological manipulation strategies. The study emphasized the need for integrating advanced linguistic analysis tools within cybersecurity frameworks and advocates for customized cybersecurity education programs. Future research directions were proposed, including expanding the dataset and integrating diverse analytical methodologies. This research contributed to a deeper understanding of ransomware threats and offered insights into developing more effective cybersecurity measures against them.

show abstract

“…Recent surveys (Berrueta et al, 2019;Bijitha et al, 2020;Herrera Silva et al, 2019) have analysed and compared a total of more than 70 different crypto-ransomware detection tools. Ransomware detection tools have traditionally used similar techniques to antivirus tools, such as those based on the static analysis of program binaries before they are run (Hasan & Rahman, 2017;Reddy et al, 2021;Shaukat & Ribeiro, 2018). These techniques offer prevention, however, they are prone to false negatives when new binaries are encountered or obfuscation techniques are used (Chen et al, 2017;Vidyarthi et al, 2019), they cannot cope with the large number of signatures created by the new ransomware-as-a-service offerings (Nieuwenhuizen, 2016), and they are oblivious to file-less ransomware variants (Victor, 2020).…”

Section: Background and Related Workmentioning

confidence: 99%

“…In some cases it only establishes thresholds to the measured metrics (Kharraz et al, 2016;Mbol et al, 2016;Paik et al, 2016), while most often a combined metric from a large number of indicators is built (Moore, 2016;Morato et al, 2018;Scaife et al, 2016). In recent years, machine learning techniques have gained popularity thanks to their ease of use and their capacity of searching for patterns in a large number of features (Ahmadian & Shahriari, 2016;Ahmed et al, 2020;Almashhadani et al, 2019;Arabo et al, 2020;Continella et al, 2016;Hasan & Rahman, 2017;Hirano & Kobayashi, 2019;Lee et al, 2019;Lu et al, 2017;Moussaileb et al, 2018;Reddy et al, 2021;Roy & Chen, 2020;Scaife et al, 2016;Sgandurra et al, 2016;Vinayakumar et al, 2017).…”

Section: Background and Related Workmentioning

confidence: 99%

Crypto-ransomware detection using machine learning models in file-sharing network scenarios with encrypted traffic

Berrueta

Morató

Magaña

et al. 2022

Expert Systems with Applications

View full text Add to dashboard Cite

Machine Learning and Feature Selection Based Ransomware Detection Using Hexacodes

Cited by 13 publications

References 14 publications

Evaluating Large Language Models in Ransomware Negotiation: A Comparative Analysis of ChatGPT and Claude

Evaluating Large Language Models in Ransomware Negotiation: A Comparative Analysis of ChatGPT and Claude

Using ChatGPT to Analyze Ransomware Messages and to Predict Ransomware Threats

Crypto-ransomware detection using machine learning models in file-sharing network scenarios with encrypted traffic

Contact Info

Product

Resources

About