Ransomware threat mitigation through network traffic analysis and
machine learning techniques
- URL: http://arxiv.org/abs/2401.15285v2
- Date: Sun, 4 Feb 2024 03:52:09 GMT
- Title: Ransomware threat mitigation through network traffic analysis and
machine learning techniques
- Authors: Ali Mehrban, Shirin Karimi Geransayeh
- Abstract summary: This paper focuses on a method for recognizing and identifying ransomware in computer networks.
The approach relies on using machine learning algorithms and analyzing the patterns of network traffic.
The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In recent years, there has been a noticeable increase in cyberattacks using
ransomware. Attackers use this malicious software to break into networks and
harm computer systems. This has caused significant and lasting damage to
various organizations, including government, private companies, and regular
users. These attacks often lead to the loss or exposure of sensitive
information, disruptions in normal operations, and persistent vulnerabilities.
This paper focuses on a method for recognizing and identifying ransomware in
computer networks. The approach relies on using machine learning algorithms and
analyzing the patterns of network traffic. By collecting and studying this
traffic, and then applying machine learning models, we can accurately identify
and detect ransomware. The results of implementing this method show that
machine learning algorithms can effectively pinpoint ransomware based on
network traffic, achieving high levels of precision and accuracy.
Related papers
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z) - Detection of ransomware attacks using federated learning based on the CNN model [3.183529890105507]
This paper offers a ransomware attack modeling technique that targets the disrupted operation of a digital substation.
Experiments demonstrate that the suggested technique detects ransomware with a high accuracy rate.
arXiv Detail & Related papers (2024-05-01T09:57:34Z) - Ransomware Detection and Classification using Machine Learning [7.573297026523597]
This study uses the XGBoost and Random Forest (RF) algorithms to detect and classify ransomware attacks.
The models are evaluated on a dataset of ransomware attacks and demonstrate their effectiveness in accurately detecting and classifying ransomware.
arXiv Detail & Related papers (2023-11-05T18:16:53Z) - A survey on hardware-based malware detection approaches [45.24207460381396]
Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess.
We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours.
The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
arXiv Detail & Related papers (2023-03-22T13:00:41Z) - A Survey of Machine Learning Algorithms for Detecting Malware in IoT
Firmware [0.0]
This paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported.
Deep learning approaches including Convolutional and Fully Connected Neural Networks are also explored.
arXiv Detail & Related papers (2021-11-03T17:55:51Z) - TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z) - Darknet Traffic Big-Data Analysis and Network Management to Real-Time
Automating the Malicious Intent Detection Process by a Weight Agnostic Neural
Networks Framework [0.0]
We propose a novel darknet traffic analysis and network management framework to real-time automating the malicious intent detection process.
It is an effective and accurate computational intelligent tool for network traffic analysis, the demystification of malware traffic, and encrypted traffic identification in real-time.
arXiv Detail & Related papers (2021-02-16T19:03:25Z) - Being Single Has Benefits. Instance Poisoning to Deceive Malware
Classifiers [47.828297621738265]
We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier.
As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger.
We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
arXiv Detail & Related papers (2020-10-30T15:27:44Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z) - Adversarial Attacks on Machine Learning Systems for High-Frequency
Trading [55.30403936506338]
We study valuation models for algorithmic trading from the perspective of adversarial machine learning.
We introduce new attacks specific to this domain with size constraints that minimize attack costs.
We discuss how these attacks can be used as an analysis tool to study and evaluate the robustness properties of financial models.
arXiv Detail & Related papers (2020-02-21T22:04:35Z) - NAttack! Adversarial Attacks to bypass a GAN based classifier trained to
detect Network intrusion [0.3007949058551534]
Before the rise of machine learning, network anomalies which could imply an attack, were detected using well-crafted rules.
With the advancements of machine learning for network anomaly, it is not easy for a human to understand how to bypass a cyber-defence system.
In this paper, we show that even if we build a classifier and train it with adversarial examples for network data, we can use adversarial attacks and successfully break the system.
arXiv Detail & Related papers (2020-02-20T01:54:45Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.