Proactive Analysis of Encrypted Execution Paths for Ransomware Detection Using Synthetic Execution Mapping DOI Creative Commons

Helena Sancarlag,

Edwin Featherstonehaugh,

Sophia Unterberger

et al.

Research Square (Research Square), Journal year: 2024, Issue: unknown

Published: Nov. 25, 2024

Abstract The increasing sophistication of malicious software means the need development advanced detection mechanisms capable addressing encrypted and obfuscated threats. Synthetic Execution Mapping (SEM) framework leverages novel techniques to simulate analyze execution dynamics code within a controlled environment. Behavioral patterns, reconstructed through graph-based algorithms entropy-based analysis, enable identification operational anomalies indicative activity. Probabilistic modeling enhances accuracy prediction behaviors across wide range scenarios. demonstrates high adaptability in identifying polymorphic threats, achieving significant reductions false-positive rates diverse environments. Modular scalable design elements support seamless integration into enterprise systems, ensuring efficient processing large datasets without compromising performance. Experimental evaluations confirm robustness SEM, with consistent exceeding 90% ransomware families. Computational efficiency low memory overhead highlight its suitability for real-world applications where resource constraints often limit efficacy traditional methodologies. Insights from entropy variation path analysis provide comprehensive understanding strategies used campaigns. Integration dynamic monitoring tools further framework’s potential proactive threat management. Through innovative approach, SEM addresses critical gaps landscape offers viable solution countering evolving lays groundwork future advancements automated detection, demonstrating practical value mitigating cybersecurity risks.

Language: English

Enhanced Ransomware Detection Using Dual-Layer Random Forest on Opcode Sequences DOI

Hanae Moritaka,

Daichi Komuro

Authorea (Authorea), Journal year: 2024, Issue: unknown

Published: July 25, 2024

Ransomware continues to pose a significant threat cybersecurity, causing extensive damage through the encryption of critical data and subsequent ransom demands. Introducing novel dual-layer random forest approach enhances ransomware detection by leveraging hierarchical analysis opcode sequences, providing superior accuracy robustness compared traditional models. The proposed methodology involves an initial layer that captures general distribution patterns, followed refined second focuses on most discriminative features identified advanced feature engineering techniques such as n-gram models TF-IDF transformations. Extensive evaluations demonstrate model's effectiveness across various performance metrics, including accuracy, precision, recall, F1-score, significantly outperforming single-layer forests, support vector machines, neural networks. nature model mitigates overfitting ensures scalability, making it well-suited for real-world scenarios. Additionally, detailed importance provides valuable insights into distinguishing characteristics ransomware, facilitating development targeted cybersecurity strategies. represents advancement in malware detection, demonstrating potential machine learning address complex challenges with high reliability.

Language: English

Cited by

10

Federated RNN-Based Detection of Ransomware Attacks: A Privacy-Preserving Approach DOI Open Access
Xingyu Zhang, Chenxi Wang,

Rui Liu

et al.

Published: Aug. 13, 2024

The rise of ransomware as a predominant cybersecurity threat has necessitated the development innovative detection mechanisms capable adapting to rapidly evolving nature such attacks. In response this challenge, federated learning, combined with Recurrent Neural Networks (RNNs), offers novel approach that preserves data privacy while maintaining high accuracy. research presented explores implementation learning framework, where RNN models are trained across decentralized datasets without sharing sensitive data, ensuring compliance regulations. Through comprehensive experiments, study demonstrates model achieves comparable performance centralized models, added benefit enhanced security. results demonstrate potential scalable and robust solution for applications, particularly in environments confidentiality is paramount. findings further highlight broader implications adopting techniques privacy-preserving machine paving way future advancements secure effective detection.

Language: English

Cited by

4

Modeling heat capacity of liquid siloxanes using artificial intelligence methods DOI
Wei Guo,

Baraa Mohammed Yaseen,

Hardik Doshi

et al.

Fluid Phase Equilibria, Journal year: 2025, Issue: unknown, pp. 114423 - 114423

Published: March 1, 2025

Language: English

Cited by

0

Efficient malware detection using NLP and deep learning model DOI
Umesh Gupta,

Shubham Kandpal,

Hayam Alamro

et al.

Alexandria Engineering Journal, Journal year: 2025, Issue: 124, pp. 550 - 564

Published: April 11, 2025

Language: English

Cited by

0

Enhancing Cybersecurity: Comparative Insights in Machine Learning Models for Ransomware Detection DOI Creative Commons
Muhammad Shaban Rafi,

Iffath Tanjim Moon,

Md. Musfiqur Rahman Mridha

et al.

European Journal of Artificial Intelligence and Machine Learning, Journal year: 2025, Issue: 4(3), pp. 1 - 7

Published: May 16, 2025

Ransomware is a new cybersecurity attack with huge financial and operational impact in industries globally. In this paper, an investigation of utilizing machine learning algorithms for ransomware detection performed compared conventional methods, which consistently fall prey to dynamically altering attacks. Various algorithms, such as Support Vector Machines, Random Forest, Gradient Boosting, Artificial Neural Networks, Logistic Regression ensemble have been evaluated, method Boosting proving validation accuracy 100% Forest showing 99.99% Recall. These findings validate the viability both known unknown forms detection, current work opens avenues developing sophisticated, adaptive anti-ransomware frameworks.

Language: English

Cited by

0

Cloud Security Automation Through Symmetry: Threat Detection and Response DOI Open Access

Harshad Pitkar

Symmetry, Journal year: 2025, Issue: 17(6), pp. 859 - 859

Published: June 1, 2025

Cloud security automation has emerged as a critical solution for organizations facing increasingly complex cybersecurity challenges in cloud environments. This study examines the current state of automation, focusing on its role symmetry between threat detection and response capabilities. Through analysis recent market trends technological developments, this paper explores key technologies, including Security Information Event Management (SIEM), Extended Detection Response (XDR), Orchestration, Automation, (SOAR) platforms. The integration artificial intelligence machine learning transformed these systems, enabling real-time automated mechanisms. research real-world applications highlights that implementing solutions have demonstrated improved incident times reduced breaches. However, remain terms complexity human expertise. As global AI is projected to reach $134 billion by 2030, future lies advanced AI-driven integration. Even though platforms are widely used, existing tools identifying threats, heterogeneous data sources, actionable generation. majority not designed cloud-native do scale or evolve. overcomes introducing scalable extensible architecture, which uses sophisticated correlation provide increased accuracies well challenging environment cloud-based infrastructures. aims equip with proven methods from use cases strategies they can adopt enable response.

Language: English

Cited by

0

Forensic Analysis of Live Ransomware Attacks on Linux-Based Laptop Systems: Techniques and Evaluation DOI Creative Commons

William Neweva,

Oliver Fitzwilliam,

James Waterbridge

et al.

Research Square (Research Square), Journal year: 2024, Issue: unknown

Published: Aug. 13, 2024

Abstract The increasing prevalence of ransomware attacks targeting Linux-based systems has highlighted the critical need for effective detection and mitigation strategies that can operate in real-time, safeguarding sensitive data maintaining system integrity. novel integration live forensic techniques—memory analysis, network traffic monitoring, process monitoring—provides a multi-faceted defense capable addressing complex rapidly evolving nature threats, particularly within Linux environments where traditional security measures may fall short. Through rigorous experimental evaluation, each technique was assessed its ability to detect activities, minimize performance impact, offer timely intervention, resulting comprehensive approach enhances overall resilience against ransomware. Memory analysis shown be highly extracting volatile disrupting encryption processes, while monitoring provided early warnings through command-and-control communications. Process emerged as balanced technique, offering continuous behavioral with minimal resource overhead, making it suitable deployment environments. findings demonstrate importance adopting strategic, integrated significantly improving ransomware, ensuring protection assets.

Language: English

Cited by

2

A New Approach to Ransomware Detection Using Hierarchical Entropic Pattern Analysis DOI Creative Commons

Laurence Plott,

James Pennington,

Thomas Kingsley

et al.

Research Square (Research Square), Journal year: 2024, Issue: unknown

Published: Nov. 27, 2024

Abstract The escalating sophistication of cyber threats, characterized by increasingly complex attack vectors and adaptive malicious software, requires the development implementation innovative detection methodologies that can effectively identify mitigate these evolving threats. Hierarchical Entropic Pattern Analysis (HEPA) framework offers a novel approach to identifying ransomware activities through multi-layered entropy analysis. By examining variations across hierarchical data structures, HEPA distinguishes between benign behaviors. system's modular design ensures seamless integration with existing cybersecurity infrastructures, promoting scalability adaptability. Comprehensive evaluations demonstrate HEPA's high accuracy low false positive rates diverse variants. Resource utilization assessments indicate minimal impact on system performance, affirming framework's operational efficiency. Detection latency measurements reveal prompt identification activities, enabling timely intervention. analysis entropic patterns provides deeper insights into encryption behaviors, enhancing threat intelligence. Comparative analyses highlight superiority over traditional methods, showing its potential advance defenses. findings contribute broader understanding entropy-based mechanisms their practical applications in combating sophisticated

Language: English

Cited by

0

Advanced Autonomous Detection of Ransomware Using Dynamic Crypto-Entropy Signature Analysis DOI Creative Commons

Giovanni Prigodichi,

Harrison Wainwright,

Richard Davis

et al.

Research Square (Research Square), Journal year: 2024, Issue: unknown

Published: Nov. 15, 2024

Abstract The sophistication of cyber threats requires the development advanced detection mechanisms capable identifying and mitigating malicious activities with minimal human intervention. Dynamic Crypto-Entropy Signature Analysis (DCESA) framework introduces an autonomous approach to ransomware through analysis cryptographic entropy patterns inherent in encryption behaviors. Through dynamically generating unique signatures, DCESA effectively distinguishes between benign activities, thereby enhancing accuracy reducing false positives. Empirical evaluations have demonstrated DCESA's proficiency a diverse array strains, including previously unseen variants, impact on system performance. integration into cybersecurity infrastructures offers proactive efficient solution for attacks, overall security posture organizations.

Language: English

Cited by

0

A Novel Quantum-Backed Decision Vector Framework for Ransomware Detection Using Nonlinear Signal Entropy Mapping DOI Creative Commons

Pascal Knaapen,

Henry Carter, Charlotte Davies

et al.

Research Square (Research Square), Journal year: 2024, Issue: unknown

Published: Nov. 25, 2024

Abstract The increasing complexity and sophistication of modern cyber threats need innovative detection mechanisms capable adapting to rapidly evolving attack vectors. A quantum-inspired framework was introduced address the challenges identifying ransomware through advanced decision-making algorithms nonlinear entropy analysis. integration mapping allowed system capture subtle deviations in behavior, facilitating early-stage identification malicious activities. Quantum decision vectors provided a robust mechanism for evaluating classifying patterns across diverse datasets without relying on static signatures. Experimental evaluations demonstrated superior performance accuracy, latency, resource efficiency compared traditional heuristic machine learning-based methods. Polymorphic variants, often evading conventional approaches, were effectively detected framework's generalized analytical capabilities. exhibited adaptability imbalanced datasets, maintaining high reliability precision varying distributions benign Results highlighted its computational efficiency, with significantly reduced demands, enabling deployment resource-constrained high-throughput environments. modular design supports scalability existing cybersecurity infrastructures. Comprehensive analysis revealed substantial reductions false positive rates, enhancing automated processes. study underscores practical viability theoretical contributions methodologies improving defenses.

Language: English

Cited by

0