Ransomware Threat Detection: A Deep Learning Approach

Marsh, Kassidy; HaddadPajouh, Hamed

doi:10.1007/978-3-030-74753-4_17

Cited by 4 publications

(2 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Static, dynamic, and hybrid analyses have all been used in various ransomware detection studies [25,26,27,28] to determine whether a programme is malicious or benign. While performing the analysis for the fed samples, there are still some restrictions.…”

Section: Future Scopementioning

confidence: 99%

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Sangher

Singh

Pandey

2023

Int J Syst Assur Eng Manag

View full text Add to dashboard Cite

As Ransomware encrypts user les to prevent access to infected systems its harmful impacts must be quickly identi ed and remedied. It can be challenging to identify the metrics and parameters to check, especially when using unknown ransomware variants in tests. The proposed work uses machine learning techniques to create a general model that can be used to detect the variations of ransomware families while observing the characteristics of malware. However, early detection is impeded by a dearth of data during the initial phases of an attack, which results in low detection accuracy and a high proportion of false alarms.To overcome these restrictions, our research suggests a revolutionary technique, in machine learning techniques we have proposedRandomClassi er with SMOTE optimizer based on the results received from LazyPredictAutoML and then deep learning algorithm ANN using Root Mean Square Propagation (adam) has been implemented to get the hidden patterns which were not accessible in machine learning approach. Further study focused on improving CNN's performance over RMSProp& Adam, which maintains per-parameter learning rates that are adjusted based on the average of most recent weight gradient magnitudes, using the Adam optimizer. The best option for internet and nonstationary issues is CNN with Adam (e.g. noisy). As gradients grow sparser toward the end of optimization, Adam somewhat surpasses RMSprop. Adam uses CNN and uses the average of the second moments of the gradients (the uncentered variance). The proposed model reported 5.14ms of prediction time and 99.18% accuracy.

show abstract

Section: Future Scopementioning

confidence: 99%

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Sangher

Singh

Pandey

2023

Int J Syst Assur Eng Manag

View full text Add to dashboard Cite

show abstract

“…Some ransomware encrypt all discovered files and directories. Others, such as Cerber and Locky, look for and encrypt specific document files [21]. Others, such as Petya, simply encrypt the boot data and the file system tables.…”

Section: Ransomware Encryption Mechanismsmentioning

confidence: 99%

A New Scheme for Ransomware Classification and Clustering Using Static Features

et al. 2022

View full text Add to dashboard Cite

Ransomware is a strain of malware that disables access to the user’s resources after infiltrating a victim’s system. Ransomware is one of the most dangerous malware organizations face by blocking data access or publishing private data over the internet. The major challenge of any entity is how to decrypt the files encrypted by ransomware. Ransomware’s binary analysis can provide a means to characterize the relationships between different features used by ransomware families to track the ransomware encryption mechanism routine. In this paper, we compare the different ransomware detection approaches and techniques. We investigate the criteria, parameters, and tools used in the ransomware detection ecosystem. We present the main recommendations and best practices for ransomware mitigation. In addition, we propose an efficient ransomware indexing system that provides search functionalities, similarity checking, sample classification, and clustering. The new system scheme mainly targets native ransomware binaries, and the indexing engine depends on hybrid data from the static analyzer system. Our scheme tracks and classifies ransomware based on static features to find the similarity between different ransomware samples. This is done by calculating the absolute Jaccard index. Results have shown that Import Address Table (IAT) feature can be used to classify different ransomware more accurately than the Strings feature.

show abstract

A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms

Maniriho,

Mahmood,

Chowdhury

2024

ACM Comput. Surv.

View full text Add to dashboard Cite

Malware is one of the most common and severe cyber threat today. Malware infects millions of devices and can perform several malicious activities including compromising sensitive data, encrypting data, crippling system performance, and many more. Hence, malware detection is crucial to protect our computers and mobile devices from malware attacks. Recently, deep Learning (DL) has emerged as one of the promising technologies for detecting malware. The recent high production of malware variants against desktop and mobile platforms makes DL algorithms powerful approaches for building scalable and advanced malware detection models as they can handle big datasets. This work explores current deep learning technologies for detecting malware attacks on Windows, Linux, and Android platforms. Specifically, we present different categories of DL algorithms, network optimizers, and regularization methods. Different loss functions, activation functions, and frameworks for implementing DL models are discussed. We also present feature extraction approaches and a review of DL-based models for detecting malware attacks on the above platforms. Furthermore, this work presents major research issues on DL-based malware detection including future research directions to further advance knowledge and research in this field.

show abstract

Ransomware Threat Detection: A Deep Learning Approach

Cited by 4 publications

References 14 publications

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

Signature based ransomware detection based on optimizations approaches using RandomClassifier and CNN algorithms

A New Scheme for Ransomware Classification and Clustering Using Static Features

A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms

Contact Info

Product

Resources

About