Cross-temporal Detection of Novel Ransomware Campaigns: A Multi-Modal Alert Approach

09/01/2023
by   Sathvik Murli, et al.
0

We present a novel approach to identify ransomware campaigns derived from attack timelines representations within victim networks. Malicious activity profiles developed from multiple alert sources support the construction of alert graphs. This approach enables an effective and scalable representation of the attack timelines where individual nodes represent malicious activity detections with connections describing the potential attack paths. This work demonstrates adaptability to different attack patterns through implementing a novel method for parsing and classifying alert graphs while maintaining efficacy despite potentially low-dimension node features.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset