A Novel Crypto-Ransomware Family Classification Based on Horizontal Feature Simplification
2020; Springer Nature; Language: English
DOI: 10.1007/978-981-15-4409-5_1
ISSN: 2194-5357
Authors: Mohsen Kakavand, Lingges Arulsamy, Aida Mustapha, Mohammad Dabbagh
Topic(s): Anomaly Detection Techniques and Applications
Abstract: This research presents an analytical study of a distinct form of malware known as crypto-ransomware. Recent incidents around the globe indicate that crypto-ransomware has been an increasing threat due to its nature of encrypting victims' targeted information and keeping the decryption key in the deep Web until a reasonable sum of ransom is paid, usually in cryptocurrency. In addition, current intrusion detection systems (IDSs) are not accurate enough to evade attacks with intelligently written crypto-ransomware features such as polymorphism, environment mapping, and partially encrypting files or saturating the system with low-entropy file write operations in order to produce a lower encryption footprint, which can leave the intrusion detection system (IDS) unable to detect malicious crypto-ransomware activity. This research has explored diverse data preprocessing techniques to depict crypto-ransomware as images. In an effort to classify crypto-ransomware images, this research will utilize existing neural network methods to train a classifier to classify new crypto-ransomware files into their family classes. In a broader context, the concept for this research is to create a crypto-ransomware early detection approach. Nevertheless, the primary contribution is the proof of the baselining horizontal feature simplification concept, whereby it provides an accurate real-time detection rate for crypto-ransomware with less system load on the user device.