Enhanced Ransomware Detection Using Dual-Layer Random Forest on Opcode Sequences

Hanae Moritaka,

Daichi Komuro

Authorea (Authorea), Journal year: 2024, Issue: unknown

Published: July 25, 2024

Ransomware continues to pose a significant threat to cybersecurity, causing extensive damage through the encryption of critical data and subsequent ransom demands. Introducing a novel dual-layer random forest approach enhances ransomware detection by leveraging hierarchical analysis of opcode sequences, providing superior accuracy and robustness compared to traditional models. The proposed methodology involves an initial layer that captures general distribution patterns, followed by a refined second layer that focuses on the most discriminative features identified through advanced feature engineering techniques such as n-gram models and TF-IDF transformations. Extensive evaluations demonstrate the model's effectiveness across various performance metrics, including accuracy, precision, recall, and F1-score, significantly outperforming single-layer forests, support vector machines, and neural networks. The nature of the model mitigates overfitting and ensures scalability, making it well-suited for real-world scenarios. Additionally, the detailed feature importance provides valuable insights into the distinguishing characteristics of ransomware, facilitating the development of targeted cybersecurity strategies. This represents an advancement in malware detection, demonstrating the potential of machine learning to address complex challenges with high reliability.

Language: English

Cited by

9