Decentralized Entropy-Driven Ransomware Detection Using Autonomous Neural Graph Embeddings
- URL: http://arxiv.org/abs/2502.07498v1
- Date: Tue, 11 Feb 2025 11:59:10 GMT
- Title: Decentralized Entropy-Driven Ransomware Detection Using Autonomous Neural Graph Embeddings
- Authors: Ekaterina Starchenko, Hugo Bellinghamshire, David Pickering, Tristan Weatherspoon, Nathaniel Berkhamstead, Elizabeth Green, Magnus Rothschild,
- Abstract summary: The framework operates on a distributed network of nodes, eliminating single points of failure and enhancing resilience against targeted attacks. The integration of graph-based modeling and machine learning techniques enables the framework to capture complex system interactions. Case studies validate its effectiveness in real-world scenarios, showcasing its ability to detect and mitigate ransomware attacks within minutes of their initiation.
- Score: 0.0
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: The increasing sophistication of cyber threats has necessitated the development of advanced detection mechanisms capable of identifying and mitigating ransomware attacks with high precision and efficiency. A novel framework, termed Decentralized Entropy-Driven Detection (DED), is introduced, leveraging autonomous neural graph embeddings and entropy-based anomaly scoring to address the limitations of traditional methods. The framework operates on a distributed network of nodes, eliminating single points of failure and enhancing resilience against targeted attacks. Experimental results demonstrate its ability to achieve detection accuracy exceeding 95%, with false positive rates maintained below 2% across diverse ransomware variants. The integration of graph-based modeling and machine learning techniques enables the framework to capture complex system interactions, facilitating the identification of subtle anomalies indicative of ransomware activity. Comparative analysis against existing methods highlights its superior performance in terms of detection rates and computational efficiency. Case studies further validate its effectiveness in real-world scenarios, showcasing its ability to detect and mitigate ransomware attacks within minutes of their initiation. The proposed framework represents a significant step forward in cybersecurity, offering a scalable and adaptive solution to the growing challenge of ransomware detection.
Related papers
- A Computational Model for Ransomware Detection Using Cross-Domain Entropy Signatures [0.0]
An entropy-based computational framework was introduced to analyze multi-domain system variations.
A detection methodology was developed to differentiate between benign and ransomware-induced entropy shifts.
arXiv Detail & Related papers (2025-02-15T07:50:55Z)
- Decentralized Entropy-Based Ransomware Detection Using Autonomous Feature Resonance [0.0]
A novel approach, termed Autonomous Feature Resonance, is introduced to address the limitations of traditional ransomware detection methods.
The proposed method achieves an overall detection accuracy of 97.3%, with false positive and false negative rates of 1.8% and 2.1%, respectively.
arXiv Detail & Related papers (2025-02-14T00:26:10Z)
- Hierarchical Entropy Disruption for Ransomware Detection: A Computationally-Driven Framework [0.0]
Monitoring entropy variations offers an alternative approach to identifying unauthorized data modifications.
A framework leveraging hierarchical entropy disruption was introduced to analyze deviations in entropy distributions.
Evaluating the framework across multiple ransomware variants demonstrated its capability to achieve high detection accuracy.
arXiv Detail & Related papers (2025-02-12T23:29:06Z)
- Hierarchical Entropic Diffusion for Ransomware Detection: A Probabilistic Approach to Behavioral Anomaly Isolation [0.0]
This paper introduces a structured entropy-based anomaly classification mechanism. It tracks fluctuations in entropy evolution to differentiate between benign cryptographic processes and unauthorized encryption attempts. It maintains high classification accuracy across diverse ransomware families, outperforming traditional-based and signature-driven approaches.
arXiv Detail & Related papers (2025-02-06T08:55:11Z)
- Entropy-Synchronized Neural Hashing for Unsupervised Ransomware Detection [0.0]
The Entropy-Synchronized Neural Hashing (ESNH) framework uses entropy-driven hash representations to classify software binaries. The model generates robust and unique hash values that maintain stability even when faced with polymorphic and metamorphic transformations.
arXiv Detail & Related papers (2025-01-30T04:40:57Z)
- Hierarchical Pattern Decryption Methodology for Ransomware Detection Using Probabilistic Cryptographic Footprints [0.0]
The framework combines advanced clustering algorithms with machine learning to isolate ransomware-induced anomalies. It effectively distinguishes malicious encryption operations from benign activities while maintaining low false positive rates. The inclusion of real-time anomaly evaluation ensures rapid response capabilities, addressing critical latency challenges in ransomware detection.
arXiv Detail & Related papers (2025-01-25T05:26:17Z)
- A Sysmon Incremental Learning System for Ransomware Analysis and Detection [1.495391051525033]
In the face of increasing cyber threats, particularly ransomware attacks, there is a pressing need for advanced detection and analysis systems. Most of these proposals leverage non-incremental learning approaches that require the underlying models to be updated from scratch to detect new ransomware. This approach is problematic because it leaves sensitive data vulnerable to attack during retraining, as newly emerging ransomware strains may go undetected until the model is updated. We present the Sysmon Incremental Learning System for Analysis and Detection (SILRAD), which enables continuous updates to the underlying model and effectively closes the training gap.
arXiv Detail & Related papers (2025-01-02T06:22:58Z)
- Comprehensive Botnet Detection by Mitigating Adversarial Attacks, Navigating the Subtleties of Perturbation Distances and Fortifying Predictions with Conformal Layers [1.6001193161043425]
Botnets are computer networks controlled by malicious actors that present significant cybersecurity challenges.
This research addresses the sophisticated adversarial manipulations posed by attackers, aiming to undermine machine learning-based botnet detection systems.
We introduce a flow-based detection approach, leveraging machine learning and deep learning algorithms trained on the ISCX and ISOT datasets.
arXiv Detail & Related papers (2024-09-01T08:53:21Z)
- Residual Error: a New Performance Measure for Adversarial Robustness [85.0371352689919]
A major challenge that limits the wide-spread adoption of deep learning has been their fragility to adversarial attacks.
This study presents the concept of residual error, a new performance measure for assessing the adversarial robustness of a deep neural network.
Experimental results using the case of image classification demonstrate the effectiveness and efficacy of the proposed residual error metric.
arXiv Detail & Related papers (2021-06-18T16:34:23Z)
- Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z)
- A Hamiltonian Monte Carlo Method for Probabilistic Adversarial Attack and Learning [122.49765136434353]
We present an effective method, called Hamiltonian Monte Carlo with Accumulated Momentum (HMCAM), aiming to generate a sequence of adversarial examples.
We also propose a new generative method called Contrastive Adversarial Training (CAT), which approaches equilibrium distribution of adversarial examples.
Both quantitative and qualitative analysis on several natural image datasets and practical systems have confirmed the superiority of the proposed algorithm.
arXiv Detail & Related papers (2020-10-15T16:07:26Z)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in terms of accuracy rate, precision, low false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
- Graph Backdoor [53.70971502299977]
We present GTA, the first backdoor attack on graph neural networks (GNNs).
GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features.
It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
arXiv Detail & Related papers (2020-06-21T19:45:30Z)
- Adversarial vs behavioural-based defensive AI with joint, continual and active learning: automated evaluation of robustness to deception, poisoning and concept drift [62.997667081978825]
Recent advancements in Artificial Intelligence (AI) have brought new capabilities to behavioural analysis (UEBA) for cyber-security.
In this paper, we present a solution to effectively mitigate this attack by improving the detection process and efficiently leveraging human expertise.
arXiv Detail & Related papers (2020-01-13T13:54:36Z)