Leveraging Support Vector Machine for Opcode Density Based Detection of Crypto-Ransomware

07/27/2018
by James Baldwin, et al.

Ransomware is a significant global threat, with easy deployment due to the prevalent ransomware-as-a-service model. Machine learning algorithms incorporating the use of opcode characteristics and Support Vector Machines have been demonstrated to be a successful method for general malware detection. This research focuses on crypto-ransomware and uses static analysis of malicious and benign Portable Executable files to extract 443 opcodes across all samples, representing them as density histograms within the dataset. Using the SMO classifier and PUK kernel in the WEKA machine learning toolset, it demonstrates that this methodology can achieve 100% for ransomware versus goodware, and 96.5% for crypto-ransomware families versus goodware. Moreover, 8 different attribute selection methods are evaluated to achieve significant feature reduction. Using the CorrelationAttributeEval method, close to 100% is retained with a feature reduction of 59.5% and, further, with a feature reduction of 97.7%.
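As an added illustration, not code from the paper or from the WEKA project, the following Python sketches the feature-engineering half of the pipeline the abstract describes: per-sample opcode listings become density histograms over the opcode vocabulary, each feature is ranked by the absolute Pearson correlation between its density and the class label (the same idea as WEKA's CorrelationAttributeEval), a top-k subset is selected, and the vectors are written out as ARFF, the format WEKA's SMO classifier consumes. The opcode listings are constructed, hypothetical stand-ins for disassembler output, not the paper's samples; the `aesenc` skew is a deliberately planted signal, and every function name is my own.

```python
from math import sqrt
from typing import List, Sequence, Tuple

# Constructed, hypothetical opcode listings standing in for what a disassembler
# would emit for each PE sample; these are NOT real samples from the paper.
# Label 1 = crypto-ransomware, 0 = goodware.
SAMPLES: List[Tuple[str, List[str], int]] = [
    ("ransom_a", "mov xor aesenc aesenc call ret xor aesenc mov pop lea push".split(), 1),
    ("ransom_b", "push aesenc aesenc xor xor jmp add call ret aesenc mov cmp".split(), 1),
    ("good_a",   "mov mov push pop call ret add mov cmp jmp xor lea".split(), 0),
    ("good_b",   "push mov call lea ret mov add cmp xor pop jmp xor".split(), 0),
]


def build_vocab(samples=SAMPLES) -> List[str]:
    """Sorted union of every opcode mnemonic seen across the dataset."""
    return sorted({op for _, ops, _ in samples for op in ops})


def density_histogram(opcodes: Sequence[str], vocab: Sequence[str]) -> List[float]:
    """Fraction of a sample's instructions that use each vocabulary opcode.

    Dividing by the instruction count makes a small and a large binary comparable.
    Opcodes outside the vocabulary still count towards the total; an empty listing
    yields an all-zero vector instead of a division error.
    """
    total = len(opcodes)
    if total == 0:
        return [0.0] * len(vocab)
    counts = {}
    for op in opcodes:
        counts[op] = counts.get(op, 0) + 1
    return [counts.get(op, 0) / total for op in vocab]


def pearson(x: Sequence[float], y: Sequence[float]) -> float:
    """Pearson correlation; a constant feature (zero variance) scores 0.0."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    num = sum((a - mx) * (b - my) for a, b in zip(x, y))
    den = sqrt(sum((a - mx) ** 2 for a in x) * sum((b - my) ** 2 for b in y))
    return 0.0 if den < 1e-12 else num / den


def rank_features(X, y, vocab) -> List[Tuple[str, float]]:
    """Rank opcodes by |correlation| with the label, highest first (ties by name)."""
    scores = [(name, pearson([row[j] for row in X], y)) for j, name in enumerate(vocab)]
    return sorted(scores, key=lambda s: (-round(abs(s[1]), 9), s[0]))


def select_top(X, vocab, ranking, k: int):
    """Keep only the k best-ranked opcode columns; returns (reduced X, kept names)."""
    keep = [vocab.index(name) for name, _ in ranking[:k]]
    return [[row[j] for j in keep] for row in X], [vocab[j] for j in keep]


def to_arff(vocab, X, y, relation: str = "opcode_density") -> str:
    """Serialise the dataset in WEKA's ARFF format (numeric features, nominal class)."""
    lines = [f"@relation {relation}", ""]
    lines += [f"@attribute {op} numeric" for op in vocab]
    lines.append("@attribute class {goodware,ransomware}")
    lines += ["", "@data"]
    for row, label in zip(X, y):
        cls = "ransomware" if label else "goodware"
        lines.append(",".join(f"{v:.4f}" for v in row) + "," + cls)
    return "\n".join(lines) + "\n"


def build_dataset(samples=SAMPLES):
    """Full pipeline: vocabulary -> density histograms -> labels."""
    vocab = build_vocab(samples)
    X = [density_histogram(ops, vocab) for _, ops, _ in samples]
    y = [label for _, _, label in samples]
    return vocab, X, y


if __name__ == "__main__":
    vocab, X, y = build_dataset()
    ranking = rank_features(X, y, vocab)
    for name, r in ranking:
        print(f"{name:8s} r={r:+.3f}")
    Xk, kept = select_top(X, vocab, ranking, 2)
    print("kept:", kept)
    print(to_arff(kept, Xk, y))
```

On this toy set only `aesenc` separates the two classes perfectly; opcodes present in every sample at the same density (`call`, `ret`, `push`) carry no information and are correctly scored 0, which is exactly the kind of column an attribute-selection step discards before training.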
