Behavioral-based classification and identification of ransomware variants using machine learning
Loading...
Date
Author(s)
Citation for Previous Publication
Link to Related Item
Abstract
Description
Due to the changing behavior of ransomware, traditional classification and detection techniques do not accurately detect new variants of ransomware. Attackers use polymorphic and
metamorphic techniques to avoid detection of signature -based systems. We use machine learning classification to identify modified variants of ransomware based on their behavior. To conduct our
study, we used behavioral reports of 150 ransomware samples from 10 different ransomware families. Our data-set includes some of the newest ransomware samples available, providing an evaluation of the classification accuracy of machine learning algorithms on the current evolving status of ransomware. An iterative approach is used to identify optimum behavioral attributes used to achieve best classification accuracy. During behavioral attributes selection process, accuracy of machine learning algorithms has been used to verify improvements on the results of classification. Two main parts of this study are identification of the behavioral attributes which can be used for optimal classification accuracy and classification of ransomware using machine learning algorithms. We have evaluated classification accuracy of three machine learning classification algorithms.
Item Type
http://purl.org/coar/resource_type/c_1843
Alternative
Other License Text / Link
Language
en