AI-enhanced Defense Against Ransomware Within the Organization’s Architecture
DOI: https://doi.org/10.13052/jcsm2245-1439.1146
Keywords: Ransomware detection, Ransomware prediction, Data analysis, Natural Language Processing, deep learning, LSTM
Abstract
Ransomware is a revenue-generating tactic that cybercriminals use to increase their income. As a result of this malicious software, businesses have spent billions of dollars recovering control of their resources, which may include confidential data, operational applications and models, financial transactions, and other information. Ransomware can infiltrate a resource or device and prevent the owner from accessing or using it. A business must overcome various obstacles in order to avoid ransomware attacks. Traditional ransomware detection systems employ a static detection method in which a finite dataset is fed into the system and a logical check is performed to prevent ransomware attacks against the system. This was effective in the early stages of the internet, but the situation today is far more advanced, and as more and more cyber-world contrivances have been analyzed, multiple gaps have been identified, to the benefit of ransomware attackers, who use these gaps to generate astronomically large sums of money. As a result, the suggested methodology aims to efficiently detect diverse patterns associated with various file formats, starting with their sources, data collection, probabilistic identification of target devices, and a deep learning classifier with intelligent detection. An organization can use the recommended approach as a roadmap for its security efforts, safeguarding its data and preparing for future ransomware attacks.
License
Copyright (c) 2022 Journal of Cyber Security and Mobility
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.