Analysis of Machine Learning Techniques for Ransomware Detection

Fakhroddin Noorbehbahani, Farzaneh Rasouli, Mohammad Saberi
{"title":"Analysis of Machine Learning Techniques for Ransomware Detection","authors":"Fakhroddin Noorbehbahani, Farzaneh Rasouli, Mohammad Saberi","doi":"10.1109/ISCISC48546.2019.8985139","DOIUrl":null,"url":null,"abstract":"In parallel with the increasing growth of the Internet and computer networks, the number of malwares has been increasing every day. Today, one of the newest attacks and the biggest threats in cybersecurity is ransomware. The effectiveness of applying machine learning techniques for malware detection has been explored in much scientific research, however, there is few studies focused on machine learning-based ransomware detection. In this paper, the effectiveness of ransomware detection using machine learning methods applied to CICAndMal2017 dataset is examined in two experiments. First, the classifiers are trained on a single dataset containing different types of ransomware. Second, different classifiers are trained on datasets of 10 ransomware families distinctly. Our findings imply that in both experiments random forest outperforms other tested classifiers and the performance of the classifiers are not changed significantly when they are trained on each family distinctly. Therefore, the random forest classification method is very effective in ransomware detection.","PeriodicalId":128407,"journal":{"name":"2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCISC48546.2019.8985139","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 19

Abstract

In parallel with the increasing growth of the Internet and computer networks, the number of malwares has been increasing every day. Today, one of the newest attacks and the biggest threats in cybersecurity is ransomware. The effectiveness of applying machine learning techniques for malware detection has been explored in much scientific research, however, there is few studies focused on machine learning-based ransomware detection. In this paper, the effectiveness of ransomware detection using machine learning methods applied to CICAndMal2017 dataset is examined in two experiments. First, the classifiers are trained on a single dataset containing different types of ransomware. Second, different classifiers are trained on datasets of 10 ransomware families distinctly. Our findings imply that in both experiments random forest outperforms other tested classifiers and the performance of the classifiers are not changed significantly when they are trained on each family distinctly. Therefore, the random forest classification method is very effective in ransomware detection.
勒索软件检测中的机器学习技术分析
随着互联网和计算机网络的不断发展,恶意软件的数量也在与日俱增。如今,网络安全领域最新的攻击和最大的威胁之一是勒索软件。应用机器学习技术进行恶意软件检测的有效性已经在许多科学研究中进行了探索,然而,基于机器学习的勒索软件检测的研究很少。本文通过两个实验检验了机器学习方法在CICAndMal2017数据集上检测勒索软件的有效性。首先,分类器在包含不同类型勒索软件的单个数据集上进行训练。其次,对10个勒索软件家族的数据集进行不同分类器的训练。我们的研究结果表明,在这两个实验中,随机森林的分类器优于其他被测试的分类器,并且当分类器对每个家庭进行明显训练时,分类器的性能没有显着变化。因此,随机森林分类方法在勒索软件检测中是非常有效的。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信