Hierarchical Manifold Projection for Ransomware Detection: A Novel Geometric Approach to Identifying Malicious Encryption Patterns

• URL: http://arxiv.org/abs/2502.08013v1
• Date: Tue, 11 Feb 2025 23:20:58 GMT
• Title: Hierarchical Manifold Projection for Ransomware Detection: A Novel Geometric Approach to Identifying Malicious Encryption Patterns
• Authors: Frederick Pembroke, Eleanor Featherstonehaugh, Sebastian Wetherington, Harriet Fitzgerald, Maximilian Featherington, Peter Idliman,
• Abstract summary: Encryption-based cyber threats continue to evolve, employing increasingly sophisticated techniques to bypass traditional detection mechanisms. A novel classification framework structured through hierarchical manifold projection introduces a mathematical approach to detecting malicious encryption. The proposed methodology transforms encryption sequences into structured manifold embeddings, ensuring classification robustness through non-Euclidean feature separability.
• Score: 0.0
• License:
• Abstract: Encryption-based cyber threats continue to evolve, employing increasingly sophisticated techniques to bypass traditional detection mechanisms. Many existing classification strategies depend on static rule sets, signature-based matching, or machine learning models that require extensive labeled datasets, making them ineffective against emerging ransomware families that exhibit polymorphic and adversarial behaviors. A novel classification framework structured through hierarchical manifold projection introduces a mathematical approach to detecting malicious encryption workflows, preserving geometric consistencies that differentiate ransomware-induced modifications from benign cryptographic operations. The proposed methodology transforms encryption sequences into structured manifold embeddings, ensuring classification robustness through non-Euclidean feature separability rather than reliance on static indicators. Generalization capabilities remain stable across diverse ransomware variants, as hierarchical decomposition techniques capture multi-scale encryption characteristics while maintaining resilience against code obfuscation and execution flow modifications. Empirical analysis demonstrates that detection accuracy remains high even when encryption key variability, delayed execution tactics, or API call obfuscation strategies are introduced, reinforcing the reliability of manifold-based classification. Real-time scalability assessments confirm that the proposed approach maintains computational efficiency across increasing dataset volumes, validating its applicability to large-scale threat detection scenarios.

Related papers

• Hierarchical Polysemantic Feature Embedding for Autonomous Ransomware Detection [0.0]
  The evolution of ransomware requires the development of more sophisticated detection techniques. The proposed framework embeds ransomware-relevant features into a non-Euclidean space. Experimental evaluations demonstrated that the framework consistently outperformed conventional machine learning-based models. The proposed method maintains a balance between detection performance and processing overhead, making it a viable candidate for real-world cybersecurity applications.
  arXiv  Detail & Related papers  (2025-02-09T21:46:36Z)
• Neural Encrypted State Transduction for Ransomware Classification: A Novel Approach Using Cryptographic Flow Residuals [0.0]
  An approach based on Neural Encrypted State Transduction (NEST) is introduced to analyze cryptographic flow residuals. NEST maps state transitions dynamically, enabling high-confidence classification without requiring direct access to decrypted execution traces.
  arXiv  Detail & Related papers  (2025-02-07T21:26:51Z)
• Semantic Entanglement-Based Ransomware Detection via Probabilistic Latent Encryption Mapping [0.0]
  Probabilistic Latent Encryption Mapping models encryption behaviors through statistical representations of entropy deviations and probabilistic dependencies in execution traces. Evaluations demonstrate that entropy-driven classification reduces false positive rates while maintaining high detection accuracy across diverse ransomware families and encryption methodologies. The ability to systematically infer encryption-induced deviations without requiring static attack signatures strengthens detection against adversarial evasion techniques.
  arXiv  Detail & Related papers  (2025-02-04T21:27:58Z)
• Hierarchical Cryptographic Signature Mapping for Ransomware Classification: A Structural Decomposition Approach [0.0]
  A hierarchical classification framework designed to analyze structural cryptographic properties provides a novel approach to distinguishing malicious encryption. The study examines how cryptographic feature mapping facilitates improved classification accuracy. The layered structural analysis further enhances forensic investigations, enabling security analysts to dissect encryption to trace attack origins.
  arXiv  Detail & Related papers  (2025-01-31T13:23:51Z)
• Hierarchical Pattern Decryption Methodology for Ransomware Detection Using Probabilistic Cryptographic Footprints [0.0]
  The framework combines advanced clustering algorithms with machine learning to isolate ransomware-induced anomalies. It effectively distinguishes malicious encryption operations from benign activities while maintaining low false positive rates. The inclusion of real-time anomaly evaluation ensures rapid response capabilities, addressing critical latency challenges in ransomware detection.
  arXiv  Detail & Related papers  (2025-01-25T05:26:17Z)
• Cryptanalysis via Machine Learning Based Information Theoretic Metrics [58.96805474751668]
  We propose two novel applications of machine learning (ML) algorithms to perform cryptanalysis on any cryptosystem. These algorithms can be readily applied in an audit setting to evaluate the robustness of a cryptosystem. We show that our classification model correctly identifies the encryption schemes that are not IND-CPA secure, such as DES, RSA, and AES ECB, with high accuracy.
  arXiv  Detail & Related papers  (2025-01-25T04:53:36Z)
• MMNet: Multi-Collaboration and Multi-Supervision Network for Sequential Deepfake Detection [81.59191603867586]
  Sequential deepfake detection aims to identify forged facial regions with the correct sequence for recovery. The recovery of forged images requires knowledge of the manipulation model to implement inverse transformations. We propose Multi-Collaboration and Multi-Supervision Network (MMNet) that handles various spatial scales and sequential permutations in forged face images.
  arXiv  Detail & Related papers  (2023-07-06T02:32:08Z)
• Spatial-Frequency Discriminability for Revealing Adversarial Perturbations [53.279716307171604]
  Vulnerability of deep neural networks to adversarial perturbations has been widely perceived in the computer vision community. Current algorithms typically detect adversarial patterns through discriminative decomposition for natural and adversarial data. We propose a discriminative detector relying on a spatial-frequency Krawtchouk decomposition.
  arXiv  Detail & Related papers  (2023-05-18T10:18:59Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• Software Vulnerability Detection via Deep Learning over Disaggregated Code Graph Representation [57.92972327649165]
  This work explores a deep learning approach to automatically learn the insecure patterns from code corpora. Because code naturally admits graph structures with parsing, we develop a novel graph neural network (GNN) to exploit both the semantic context and structural regularity of a program.
  arXiv  Detail & Related papers  (2021-09-07T21:24:36Z)
• Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
  This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs. Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
  arXiv  Detail & Related papers  (2021-01-28T16:38:26Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.