Hierarchical Entropy Disruption for Ransomware Detection: A Computationally-Driven Framework

• URL: http://arxiv.org/abs/2502.08843v1
• Date: Wed, 12 Feb 2025 23:29:06 GMT
• Title: Hierarchical Entropy Disruption for Ransomware Detection: A Computationally-Driven Framework
• Authors: Hayden Srynn, Gilbert Pomeroy, Florence Lytton, Godfrey Ashcombe, Valentine Harcourt, Duncan Pettigrew,
• Abstract summary: Monitoring entropy variations offers an alternative approach to identifying unauthorized data modifications. A framework leveraging hierarchical entropy disruption was introduced to analyze deviations in entropy distributions. evaluating the framework across multiple ransomware variants demonstrated its capability to achieve high detection accuracy.
• Score: 0.0
• License:
• Abstract: The rapid evolution of encryption-based threats has rendered conventional detection mechanisms increasingly ineffective against sophisticated attack strategies. Monitoring entropy variations across hierarchical system levels offers an alternative approach to identifying unauthorized data modifications without relying on static signatures. A framework leveraging hierarchical entropy disruption was introduced to analyze deviations in entropy distributions, capturing behavioral anomalies indicative of malicious encryption operations. Evaluating the framework across multiple ransomware variants demonstrated its capability to achieve high detection accuracy while maintaining minimal computational overhead. Entropy distributions across different system directories revealed that encryption activities predominantly targeted user-accessible files, aligning with observed attacker strategies. Detection latency analysis indicated that early-stage identification was feasible, mitigating potential data loss before critical system impact occurred. The framework's ability to operate efficiently in real-time environments was validated through an assessment of resource utilization, confirming a balanced trade-off between detection precision and computational efficiency. Comparative benchmarking against established detection methods highlighted the limitations of conventional approaches in identifying novel ransomware variants, whereas entropy-based anomaly detection provided resilience against obfuscation techniques.

Related papers

• A Computational Model for Ransomware Detection Using Cross-Domain Entropy Signatures [0.0]
  An entropy-based computational framework was introduced to analyze multi-domain system variations. A detection methodology was developed to differentiate between benign and ransomware-induced entropy shifts.
  arXiv  Detail & Related papers  (2025-02-15T07:50:55Z)
• Decentralized Entropy-Driven Ransomware Detection Using Autonomous Neural Graph Embeddings [0.0]
  The framework operates on a distributed network of nodes, eliminating single points of failure and enhancing resilience against targeted attacks. The integration of graph-based modeling and machine learning techniques enables the framework to capture complex system interactions. Case studies validate its effectiveness in real-world scenarios, showcasing its ability to detect and mitigate ransomware attacks within minutes of their initiation.
  arXiv  Detail & Related papers  (2025-02-11T11:59:10Z)
• Hierarchical Polysemantic Feature Embedding for Autonomous Ransomware Detection [0.0]
  The evolution of ransomware requires the development of more sophisticated detection techniques. The proposed framework embeds ransomware-relevant features into a non-Euclidean space. Experimental evaluations demonstrated that the framework consistently outperformed conventional machine learning-based models. The proposed method maintains a balance between detection performance and processing overhead, making it a viable candidate for real-world cybersecurity applications.
  arXiv  Detail & Related papers  (2025-02-09T21:46:36Z)
• Hierarchical Entropic Diffusion for Ransomware Detection: A Probabilistic Approach to Behavioral Anomaly Isolation [0.0]
  This paper introduces a structured entropy-based anomaly classification mechanism. It tracks fluctuations in entropy evolution to differentiate between benign cryptographic processes and unauthorized encryption attempts. It maintains high classification accuracy across diverse ransomware families, outperforming traditional-based and signature-driven approaches.
  arXiv  Detail & Related papers  (2025-02-06T08:55:11Z)
• Hierarchical Pattern Decryption Methodology for Ransomware Detection Using Probabilistic Cryptographic Footprints [0.0]
  The framework combines advanced clustering algorithms with machine learning to isolate ransomware-induced anomalies. It effectively distinguishes malicious encryption operations from benign activities while maintaining low false positive rates. The inclusion of real-time anomaly evaluation ensures rapid response capabilities, addressing critical latency challenges in ransomware detection.
  arXiv  Detail & Related papers  (2025-01-25T05:26:17Z)
• How adversarial attacks can disrupt seemingly stable accurate classifiers [76.95145661711514]
  Adversarial attacks dramatically change the output of an otherwise accurate learning system using a seemingly inconsequential modification to a piece of input data. Here, we show that this may be seen as a fundamental feature of classifiers working with high dimensional input data. We introduce a simple generic and generalisable framework for which key behaviours observed in practical systems arise with high probability.
  arXiv  Detail & Related papers  (2023-09-07T12:02:00Z)
• Large-Scale Sequential Learning for Recommender and Engineering Systems [91.3755431537592]
  In this thesis, we focus on the design of an automatic algorithms that provide personalized ranking by adapting to the current conditions. For the former, we propose novel algorithm called SAROS that take into account both kinds of feedback for learning over the sequence of interactions. The proposed idea of taking into account the neighbour lines shows statistically significant results in comparison with the initial approach for faults detection in power grid.
  arXiv  Detail & Related papers  (2022-05-13T21:09:41Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
  This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs. Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
  arXiv  Detail & Related papers  (2021-01-28T16:38:26Z)
• No Need to Know Physics: Resilience of Process-based Model-free Anomaly Detection for Industrial Control Systems [95.54151664013011]
  We present a novel framework to generate adversarial spoofing signals that violate physical properties of the system. We analyze four anomaly detectors published at top security conferences.
  arXiv  Detail & Related papers  (2020-12-07T11:02:44Z)
• Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique. The performance of the considered algorithms is evaluated using the ISCX 2012 dataset. Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
  arXiv  Detail & Related papers  (2020-08-05T19:29:35Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.