Abdullahi Arabo Abdullahi.Arabo@uwe.ac.uk
Associate professor of Cyber Science and Network Security
Detecting ransomware using process behavior analysis
Arabo, Abdullahi; Dijoux, Remi; Poulain, Timothee; Chevalier, Gregoire
Authors
Remi Dijoux
Timothee Poulain
Gregoire Chevalier
Abstract
Ransomware attacks are one of the biggest and attractive threats in cyber security today. Anti-virus software's are often inefficient against zero-day malware and ransomware attacks, important network infections could result in a large amount of data loss. Such attacks are also becoming more dynamic and able to change their signatures - hence creating an arms race situation. This study investigates the relationship between a process behavior and its nature, in order to determine whether it is ransomware or not. The paper aim is to see if using this method will help the evading malicious software's and use as a self-defense mechanism using machine learning that emulates the human immune system. The analysis was conducted on 7 ransomware, 41 benign software, and 34 malware samples. The results show that we are able to distinguish between ransomware and benign applications, with a low false-positive and false-negative rate.
Presentation Conference Type | Conference Paper (published) |
---|---|
Conference Name | Complex Adaptive Systems 2019 |
Acceptance Date | Sep 11, 2019 |
Online Publication Date | May 13, 2020 |
Publication Date | May 13, 2020 |
Deposit Date | Sep 19, 2019 |
Publicly Available Date | Sep 19, 2019 |
Journal | Procedia Computer Science |
Print ISSN | 1877-0509 |
Publisher | Elsevier |
Volume | 168 |
Pages | 289-296 |
Series Title | Procedia Computer Science |
Series ISSN | 1877-0509 |
DOI | https://doi.org/10.1016/j.procs.2020.02.249 |
Keywords | Ransomware; malware; cyber security; machine learning |
Public URL | https://uwe-repository.worktribe.com/output/3119673 |
Contract Date | Sep 19, 2019 |
Files
Ransomewear-Final
(636 Kb)
PDF
Licence
http://creativecommons.org/licenses/by-nc-nd/4.0/
Publisher Licence URL
http://creativecommons.org/licenses/by-nc-nd/4.0/
Copyright Statement
© 2019 The Authors. Published by Elsevier B.V.This is an open access article under the CC BY-NC-ND license
You might also like
Cyber Security Challenges within the Connected Home Ecosystem Futures
(2015)
Presentation / Conference Contribution
Cybersecurity in the IoT
(2015)
Presentation / Conference Contribution
Pedagogical Approach to Effective Cybersecurity Teaching
(2019)
Book Chapter
Processing device and method of operation thereof
(-0001)
Patent
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search