发布求助
文献互助 智能选刊 最新文献

Federated Learning Approach for Distributed Ransomware Analysis

ACNS Workshops Pub Date : 2023-06-25 DOI:10.48550/arXiv.2306.14090
Aldin Vehabovic, H. Zanddizari, F. Shaikh, Nasir Ghani, Morteza Safaei Pour, E. Bou-Harb, J. Crichigno
{"title":"Federated Learning Approach for Distributed Ransomware Analysis","authors":"Aldin Vehabovic, H. Zanddizari, F. Shaikh, Nasir Ghani, Morteza Safaei Pour, E. Bou-Harb, J. Crichigno","doi":"10.48550/arXiv.2306.14090","DOIUrl":null,"url":null,"abstract":"Researchers have proposed a wide range of ransomware detection and analysis schemes. However, most of these efforts have focused on older families targeting Windows 7/8 systems. Hence there is a critical need to develop efficient solutions to tackle the latest threats, many of which may have relatively fewer samples to analyze. This paper presents a machine learning (ML) framework for early ransomware detection and attribution. The solution pursues a data-centric approach which uses a minimalist ransomware dataset and implements static analysis using portable executable (PE) files. Results for several ML classifiers confirm strong performance in terms of accuracy and zero-day threat detection.","PeriodicalId":406001,"journal":{"name":"ACNS Workshops","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACNS Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.48550/arXiv.2306.14090","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Researchers have proposed a wide range of ransomware detection and analysis schemes. However, most of these efforts have focused on older families targeting Windows 7/8 systems. Hence there is a critical need to develop efficient solutions to tackle the latest threats, many of which may have relatively fewer samples to analyze. This paper presents a machine learning (ML) framework for early ransomware detection and attribution. The solution pursues a data-centric approach which uses a minimalist ransomware dataset and implements static analysis using portable executable (PE) files. Results for several ML classifiers confirm strong performance in terms of accuracy and zero-day threat detection.
分享
查看原文 本刊更多论文
分布式勒索软件分析的联邦学习方法
研究人员已经提出了广泛的勒索软件检测和分析方案。然而,这些努力大多集中在针对Windows 7/8系统的老家庭。因此,迫切需要开发有效的解决方案来应对最新的威胁,其中许多可能只有相对较少的样本可以分析。本文提出了一种用于早期勒索软件检测和归因的机器学习(ML)框架。该解决方案采用以数据为中心的方法,使用极简勒索软件数据集,并使用可移植可执行文件(PE)实现静态分析。几个ML分类器的结果在准确性和零日威胁检测方面证实了强大的性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
ACNS Workshops
ACNS Workshops
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信