Affiliation:
1. BANDIRMA ONYEDİ EYLÜL ÜNİVERSİTESİ, BANDIRMA MESLEK YÜKSEKOKULU
Abstract
In recent years, ransomware has become highly profitable cyber attacks. This is because, everyday there are several new devices attending to computer networks before testing their security strength. In addition, it is easy to launch ransomware attacks by using Ransomware-as-a-Service. This paper proposed a new method that creates the ransomware specific features by using ransomware behaviors which are performed on file, registry, and network resources. The weights are assigned to the behaviors based upon where the actions are performed. The most feasible features are selected based on the assigned weights as well as Information Gain. The selected features are classified by using ML classifiers including J48 (C4.5), RF (Random Forest), AdaBoost (Adaptive Boosting), SLR (Simple Logistic Regression), KNN (K-Nearest Neighbors), BN (Bayesian Network), and SMO (Sequential Minimal Optimization). The experiments are performed on several ransomware variants as well as benign samples. The test results show that our proposed method is feasible and effective. The DR, FPR, f-measure, and accuracy are measured as 100%, 1.4%, 99.4%, 99.38%, respectively.
Publisher
Bitlis Eren Universitesi Fen Bilimleri Dergisi
Reference20 articles.
1. Nieuwenhuizen, D. 2017. A behavioural-based approach to ransomware detection. MWR Labs Whitepaper.
2. Associated Press. 2020. The Latest: UN warns cybercrime on rise during pandemic.
3. Sophos Report. 2021. The State of Ransomware 2021.
4. Cognyte CTI Research Group. 2021. Ransomware Attack Statistics 2021 – Growth & Analysis.
5. Morgan, S. 2019. Global Ransomware Damage Costs Predicted To Reach $20 Billion (USD)
By 2021. Cybercrime Magazine.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献