Large scale ransomware detection by cognitive security

Ransomware attacks [14] are increasing every day. This type of threat exploits system vulnerabilities, especially those of systems based on Microsoft Windows. Since May 2017, millions of computers around the world have been hit by this virus. For this reason, creating different mechanisms that act proactively is necessary to prevent high levels of spreading. This proposed research will create a model for ransomware detection and prevention. It will analyze unstructured data stored in the logs of the Ecuadorian control and regulatory institution (EcuCERT). It will also create a corpus to detect behavior patterns of the main vulnerabilities related to ransomware [26] [27] found in Microsoft Windows systems [20], using machine learning techniques. Methods for selecting important variables in the logs will be used to decide which features best represent the data that makes up the threat. These variables will form the corpus and will be the input to the machine learning algorithms. The algorithms will model patterns that serve to detect ransomware early, before it hijacks the data. Finally, the researcher will report the detection of the threat.