- Title
- API based discrimination of ransomware and benign cryptographic programs
- Creator
- Black, Paul; Sohail, Ammar; Gondal, Iqbal; Kamruzzaman, Joarder; Vamplew, Peter; Watters, Paul
- Date
- 2020
- Type
- Text; Conference paper
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/185815
- Identifier
- vital:16739
- Identifier
-
https://doi.org/10.1007/978-3-030-63833-7_15
- Identifier
- ISBN:03029743 (ISSN); 9783030638320 (ISBN)
- Abstract
- Ransomware is a widespread class of malware that encrypts files in a victim’s computer and extorts victims into paying a fee to regain access to their data. Previous research has proposed methods for ransomware detection using machine learning techniques. However, this research has not examined the precision of ransomware detection. While existing techniques show an overall high accuracy in detecting novel ransomware samples, previous research does not investigate the discrimination of novel ransomware from benign cryptographic programs. This is a critical, practical limitation of current research; machine learning based techniques would be limited in their practical benefit if they generated too many false positives (at best) or deleted/quarantined critical data (at worst). We examine the ability of machine learning techniques based on Application Programming Interface (API) profile features to discriminate novel ransomware from benign-cryptographic programs. This research provides a ransomware detection technique that provides improved detection accuracy and precision compared to other API profile based ransomware detection techniques while using significantly simpler features than previous dynamic ransomware detection research. © 2020, Springer Nature Switzerland AG.
- Publisher
- Springer Science and Business Media Deutschland GmbH
- Relation
- 27th International Conference on Neural Information Processing, ICONIP 2020, Bangkok, 18 to 22 November 2020, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 12533 LNCS, p. 177-188
- Rights
- All metadata describing materials held in, or linked to, the repository is freely available under a CC0 licence
- Rights
- Copyright © 2020, Springer Nature Switzerland AG.
- Subject
- Dynamic analysis; Internet security and privacy; Machine learning; Ransomware
- Reviewed
- Hits: 2318
- Visitors: 1980
- Downloads: 0
Thumbnail | File | Description | Size | Format |
---|