AI-enhanced Defense Against Ransomware Within the Organization's Architecture

Q3 Computer Science

Journal of Cyber Security and Mobility Pub Date : 2022-11-07 DOI:10.13052/jcsm2245-1439.1146

B. Chaithanya, S. Brahmananda

{"title":"AI-enhanced Defense Against Ransomware Within the Organization's Architecture","authors":"B. Chaithanya, S. Brahmananda","doi":"10.13052/jcsm2245-1439.1146","DOIUrl":null,"url":null,"abstract":"Ransomware is a type of revenue-generating tactic that cybercriminals utilize to improve their income. Businesses have spent billions of dollars recovering control of their resources, which may include confidential data, operational applications and models, financial transactions, and other information, as a result of malicious software. Ransomware can infiltrate a resource or device and restrict the owner from accessing or utilizing it. There are various obstacles that a business must overcome in order to avoid ransomware attacks. Traditional ransomware detection systems employ a static detection method in which a finite dataset is provided into the system and a logical check is performed to prevent ransomware attacks against the system. This was effective in the early stages of the internet, but the scenario of recent times is far more advanced, and as more and more cyber world contrivances have been analyzed, multiple gaps have been identified, to the benefit of ransomware attackers, who use these gaps to generate astronomically large sums of money. As a result, the suggested methodology aims to efficiently detect diverse patterns associated with various file formats by starting with their sources, data collecting, probabilistic identification of target devices, and deep learning classifier with intelligent detection. An organization can use the recommended approach to safeguard its data and prepare for future ransomware attacks by using it as a roadmap to lead them through their security efforts.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"7 1","pages":"621-654"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cyber Security and Mobility","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.13052/jcsm2245-1439.1146","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 2

Abstract

Ransomware is a type of revenue-generating tactic that cybercriminals utilize to improve their income. Businesses have spent billions of dollars recovering control of their resources, which may include confidential data, operational applications and models, financial transactions, and other information, as a result of malicious software. Ransomware can infiltrate a resource or device and restrict the owner from accessing or utilizing it. There are various obstacles that a business must overcome in order to avoid ransomware attacks. Traditional ransomware detection systems employ a static detection method in which a finite dataset is provided into the system and a logical check is performed to prevent ransomware attacks against the system. This was effective in the early stages of the internet, but the scenario of recent times is far more advanced, and as more and more cyber world contrivances have been analyzed, multiple gaps have been identified, to the benefit of ransomware attackers, who use these gaps to generate astronomically large sums of money. As a result, the suggested methodology aims to efficiently detect diverse patterns associated with various file formats by starting with their sources, data collecting, probabilistic identification of target devices, and deep learning classifier with intelligent detection. An organization can use the recommended approach to safeguard its data and prepare for future ransomware attacks by using it as a roadmap to lead them through their security efforts.

查看原文本刊更多论文

在组织架构内增强人工智能防御勒索软件

勒索软件是网络犯罪分子用来增加收入的一种创收策略。企业已经花费了数十亿美元来恢复对其资源的控制，这些资源可能包括机密数据、操作应用程序和模型、金融交易和其他信息，这些都是恶意软件造成的。勒索软件可以渗透资源或设备，并限制所有者访问或使用它。为了避免勒索软件攻击，企业必须克服各种障碍。传统的勒索软件检测系统采用静态检测方法，将有限数据集提供给系统，并执行逻辑检查以防止勒索软件对系统的攻击。这在互联网的早期阶段是有效的，但最近的情况要先进得多，随着越来越多的网络世界的发明被分析，已经发现了多个漏洞，这有利于勒索软件攻击者，他们利用这些漏洞来赚取天文数字的巨额资金。因此，建议的方法旨在通过从各种文件格式的来源、数据收集、目标设备的概率识别以及具有智能检测的深度学习分类器开始，有效地检测与各种文件格式相关的各种模式。组织可以使用推荐的方法来保护其数据，并通过将其作为路线图来引导他们完成安全工作，从而为未来的勒索软件攻击做好准备。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cyber Security and Mobility Computer Science-Computer Networks and Communications

CiteScore

2.30

自引率

0.00%

发文量

期刊介绍： Journal of Cyber Security and Mobility is an international, open-access, peer reviewed journal publishing original research, review/survey, and tutorial papers on all cyber security fields including information, computer & network security, cryptography, digital forensics etc. but also interdisciplinary articles that cover privacy, ethical, legal, economical aspects of cyber security or emerging solutions drawn from other branches of science, for example, nature-inspired. The journal aims at becoming an international source of innovation and an essential reading for IT security professionals around the world by providing an in-depth and holistic view on all security spectrum and solutions ranging from practical to theoretical. Its goal is to bring together researchers and practitioners dealing with the diverse fields of cybersecurity and to cover topics that are equally valuable for professionals as well as for those new in the field from all sectors industry, commerce and academia. This journal covers diverse security issues in cyber space and solutions thereof. As cyber space has moved towards the wireless/mobile world, issues in wireless/mobile communications and those involving mobility aspects will also be published.