Ransomware threat mitigation through network traffic analysis and machine learning techniques

• URL: http://arxiv.org/abs/2401.15285v2
• Date: Sun, 4 Feb 2024 03:52:09 GMT
• Title: Ransomware threat mitigation through network traffic analysis and machine learning techniques
• Authors: Ali Mehrban, Shirin Karimi Geransayeh
• Abstract summary: This paper focuses on a method for recognizing and identifying ransomware in computer networks. The approach relies on using machine learning algorithms and analyzing the patterns of network traffic. The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: In recent years, there has been a noticeable increase in cyberattacks using ransomware. Attackers use this malicious software to break into networks and harm computer systems. This has caused significant and lasting damage to various organizations, including government, private companies, and regular users. These attacks often lead to the loss or exposure of sensitive information, disruptions in normal operations, and persistent vulnerabilities. This paper focuses on a method for recognizing and identifying ransomware in computer networks. The approach relies on using machine learning algorithms and analyzing the patterns of network traffic. By collecting and studying this traffic, and then applying machine learning models, we can accurately identify and detect ransomware. The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic, achieving high levels of precision and accuracy.

Related papers

• MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
  We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware. We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph. This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
  arXiv  Detail & Related papers  (2024-09-29T07:22:47Z)
• Detection of ransomware attacks using federated learning based on the CNN model [3.183529890105507]
  This paper offers a ransomware attack modeling technique that targets the disrupted operation of a digital substation. Experiments demonstrate that the suggested technique detects ransomware with a high accuracy rate.
  arXiv  Detail & Related papers  (2024-05-01T09:57:34Z)
• Ransomware Detection and Classification using Machine Learning [7.573297026523597]
  This study uses the XGBoost and Random Forest (RF) algorithms to detect and classify ransomware attacks. The models are evaluated on a dataset of ransomware attacks and demonstrate their effectiveness in accurately detecting and classifying ransomware.
  arXiv  Detail & Related papers  (2023-11-05T18:16:53Z)
• A survey on hardware-based malware detection approaches [45.24207460381396]
  Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess. We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
  arXiv  Detail & Related papers  (2023-03-22T13:00:41Z)
• A Survey of Machine Learning Algorithms for Detecting Malware in IoT Firmware [0.0]
  This paper employs a number of machine learning algorithms to classify IoT firmware and the best performing models are reported. Deep learning approaches including Convolutional and Fully Connected Neural Networks are also explored.
  arXiv  Detail & Related papers  (2021-11-03T17:55:51Z)
• TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
  We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack. Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets. TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
  arXiv  Detail & Related papers  (2021-03-10T19:03:38Z)
• Darknet Traffic Big-Data Analysis and Network Management to Real-Time Automating the Malicious Intent Detection Process by a Weight Agnostic Neural Networks Framework [0.0]
  We propose a novel darknet traffic analysis and network management framework to real-time automating the malicious intent detection process. It is an effective and accurate computational intelligent tool for network traffic analysis, the demystification of malware traffic, and encrypted traffic identification in real-time.
  arXiv  Detail & Related papers  (2021-02-16T19:03:25Z)
• Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
  In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models. We propose a method to verify if a pre-trained model is Trojaned or benign. Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
  arXiv  Detail & Related papers  (2020-07-28T19:00:40Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)
• Adversarial Attacks on Machine Learning Systems for High-Frequency Trading [55.30403936506338]
  We study valuation models for algorithmic trading from the perspective of adversarial machine learning. We introduce new attacks specific to this domain with size constraints that minimize attack costs. We discuss how these attacks can be used as an analysis tool to study and evaluate the robustness properties of financial models.
  arXiv  Detail & Related papers  (2020-02-21T22:04:35Z)
• NAttack! Adversarial Attacks to bypass a GAN based classifier trained to detect Network intrusion [0.3007949058551534]
  Before the rise of machine learning, network anomalies which could imply an attack, were detected using well-crafted rules. With the advancements of machine learning for network anomaly, it is not easy for a human to understand how to bypass a cyber-defence system. In this paper, we show that even if we build a classifier and train it with adversarial examples for network data, we can use adversarial attacks and successfully break the system.
  arXiv  Detail & Related papers  (2020-02-20T01:54:45Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.