Detection of ransomware attacks using federated learning based on the CNN model

• URL: http://arxiv.org/abs/2405.00418v1
• Date: Wed, 1 May 2024 09:57:34 GMT
• Title: Detection of ransomware attacks using federated learning based on the CNN model
• Authors: Hong-Nhung Nguyen, Ha-Thanh Nguyen, Damien Lescos,
• Abstract summary: This paper offers a ransomware attack modeling technique that targets the disrupted operation of a digital substation. Experiments demonstrate that the suggested technique detects ransomware with a high accuracy rate.
• Score: 3.183529890105507
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Computing is still under a significant threat from ransomware, which necessitates prompt action to prevent it. Ransomware attacks can have a negative impact on how smart grids, particularly digital substations. In addition to examining a ransomware detection method using artificial intelligence (AI), this paper offers a ransomware attack modeling technique that targets the disrupted operation of a digital substation. The first, binary data is transformed into image data and fed into the convolution neural network model using federated learning. The experimental findings demonstrate that the suggested technique detects ransomware with a high accuracy rate.

Related papers

• Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
  Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications. The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms. This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
  arXiv  Detail & Related papers  (2024-05-20T08:35:39Z)
• Ransomware threat mitigation through network traffic analysis and machine learning techniques [0.0]
  This paper focuses on a method for recognizing and identifying ransomware in computer networks. The approach relies on using machine learning algorithms and analyzing the patterns of network traffic. The results of implementing this method show that machine learning algorithms can effectively pinpoint ransomware based on network traffic.
  arXiv  Detail & Related papers  (2024-01-27T03:55:28Z)
• Ransomware Detection and Classification using Machine Learning [7.573297026523597]
  This study uses the XGBoost and Random Forest (RF) algorithms to detect and classify ransomware attacks. The models are evaluated on a dataset of ransomware attacks and demonstrate their effectiveness in accurately detecting and classifying ransomware.
  arXiv  Detail & Related papers  (2023-11-05T18:16:53Z)
• RansomAI: AI-powered Ransomware for Stealthy Encryption [0.5172201569251684]
  RansomAI is a framework that learns the best encryption algorithm, rate, and duration that minimizes its detection. It evades the detection of Ransomware-PoC affecting the Raspberry Pi 4 in a few minutes with >90% accuracy.
  arXiv  Detail & Related papers  (2023-06-27T15:36:12Z)
• Untargeted Backdoor Attack against Object Detection [69.63097724439886]
  We design a poison-only backdoor attack in an untargeted manner, based on task characteristics. We show that, once the backdoor is embedded into the target model by our attack, it can trick the model to lose detection of any object stamped with our trigger patterns.
  arXiv  Detail & Related papers  (2022-11-02T17:05:45Z)
• Malware and Ransomware Detection Models [0.0]
  We introduce a novel and flexible ransomware detection model that combines two optimized models. Our detection results on a limited dataset demonstrate good accuracy and F1 scores.
  arXiv  Detail & Related papers  (2022-07-05T15:22:13Z)
• Mate! Are You Really Aware? An Explainability-Guided Testing Framework for Robustness of Malware Detectors [49.34155921877441]
  We propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors. We then use this framework to test several state-of-the-art malware detectors' abilities to detect manipulated malware. Our findings shed light on the limitations of current malware detectors, as well as how they can be improved.
  arXiv  Detail & Related papers  (2021-11-19T08:02:38Z)
• Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
  We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier. As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger. We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
  arXiv  Detail & Related papers  (2020-10-30T15:27:44Z)
• Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
  In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models. We propose a method to verify if a pre-trained model is Trojaned or benign. Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
  arXiv  Detail & Related papers  (2020-07-28T19:00:40Z)
• Scalable Backdoor Detection in Neural Networks [61.39635364047679]
  Deep learning models are vulnerable to Trojan attacks, where an attacker can install a backdoor during training time to make the resultant model misidentify samples contaminated with a small trigger patch. We propose a novel trigger reverse-engineering based approach whose computational complexity does not scale with the number of labels, and is based on a measure that is both interpretable and universal across different network and patch types. In experiments, we observe that our method achieves a perfect score in separating Trojaned models from pure models, which is an improvement over the current state-of-the art method.
  arXiv  Detail & Related papers  (2020-06-10T04:12:53Z)
• Towards a Resilient Machine Learning Classifier -- a Case Study of Ransomware Detection [5.560986338397972]
  A machine learning (ML) classifier was built to detect ransomware (called crypto-ransomware) We find that input/output activities of ransomware and the file-content entropy are unique traits to detect crypto-ransomware. In addition to accuracy and resiliency, trustworthiness is the other key criteria for a quality detector.
  arXiv  Detail & Related papers  (2020-03-13T18:02:19Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.