Abstract
Abstract
In the face of escalating crypto-ransomware attacks, which encrypt user data for ransom, our study introduces a significant advancement in dynamic ransomware detection. We develop an innovative machine learning model capable of identifying ransomware activity. This model is uniquely trained in a simulated user environment, enhancing detection accuracy under realistic conditions and addressing the imbalances typical of ransomware datasets.
A notable aspect of our approach is the emphasis on interpretability. We employ a simplified version of Generalized Additive Models (GAMs), ensuring clarity in how individual features influence predictions. This is crucial for minimizing false positives, a common challenge in dynamic detection methods. Our contributions to the field include a Python library for easy application of our detection method, and a comprehensive, publicly available ransomware detection dataset. These resources aim to facilitate broader research and implementation in ransomware defense.
Publisher
Research Square Platform LLC
Reference39 articles.
1. Claudio Ardagna and Stephen Corbiaux and Koen Van Impe and Radim Ostadal. ENISA THREAT LANDSCAPE 2023. 2023, https://www.enisa.europa.eu/publications/enisa-threat-landscape-2023, 10, The European Union Agency for Cybersecurity (ENISA), 9789292046453, 10.2824/782573
2. Juan A. Herrera-Silva and Myriam Hern ández- Álvarez (2023) Dynamic Feature Dataset for Ransomware Detection Using Machine Learning Algorithms. Sensors 23 https://doi.org/10.3390/s23031053, MDPI, 36772092, 2, 3, 14248220
3. Salwa Razaulla and Claude Fachkha and Christine Markarian and Amjad Gawanmeh and Wathiq Mansoor and Benjamin C.M. Fung and Chadi Assi (2023) The Age of Ransomware: A Survey on the Evolution, Taxonomy, and Research Directions. IEEE Access https://doi.org/10.1109/ACCESS.2023.3268535, Institute of Electrical and Electronics Engineers Inc., 21693536
4. Jos é Antonio G ómez Hern ández and Pedro Garc ía Teodoro and Roberto Mag án Carri ón and Rafael Rodr íguez G ómez. Crypto-Ransomware: A Revision of the State of the Art, Advances and Challenges. 2023, 12, Multidisciplinary Digital Publishing Institute (MDPI), 11, Electronics (Switzerland), 21, 20799292, 10.3390/electronics12214494
5. Zhibo Zhang and Hussam Al Hamadi and Ernesto Damiani and Chan Yeob Yeun and Fatma Taher (2022) Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research. IEEE Access 10: 93104-93139 https://doi.org/10.1109/ACCESS.2022.3204051, Institute of Electrical and Electronics Engineers Inc., 21693536