RAPPER: Ransomware Prevention via Performance Counters

02/12/2018
by   Manaar Alam, et al.
0

Ransomware can produce direct and controllable economic loss, which makes it one of the most prominent threats in cyber security. As per the latest statistics, more than half of malwares reported in Q1 of 2017 are ransomware and there is a potent threat of a novice cybercriminals accessing rasomware-as-a-service. The concept of public-key based data kidnapping and subsequent extortion was introduced in 1996. Since then, variants of ransomware emerged with different cryptosystems and larger key sizes though, the underlying techniques remained same. Though there are works in literature which proposes a generic framework to detect the crypto ransomwares, we present a two step unsupervised detection tool which when suspects a process activity to be malicious, issues an alarm for further analysis to be carried in the second step and detects it with minimal traces. The two step detection framework- RAPPER uses Artificial Neural Network and Fast Fourier Transformation to develop a highly accurate, fast and reliable solution to ransomware detection using minimal trace points.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/18/2019

An AI-based, Multi-stage detection system of banking botnets

Banking Trojans, botnets are primary drivers of financially-motivated cy...
research
05/04/2022

Zero Day Threat Detection Using Graph and Flow Based Security Telemetry

Zero Day Threats (ZDT) are novel methods used by malicious actors to att...
research
08/31/2021

DeepTaskAPT: Insider APT detection using Task-tree based Deep Learning

APT, known as Advanced Persistent Threat, is a difficult challenge for c...
research
12/21/2021

ANUBIS: A Provenance Graph-Based Framework for Advanced Persistent Threat Detection

We present ANUBIS, a highly effective machine learning-based APT detecti...
research
08/29/2022

Lateral Movement Detection Using User Behavioral Analysis

Lateral Movement refers to methods by which threat actors gain initial a...
research
06/05/2020

PASSVM: A Highly Accurate Online Fast Flux Detection System

Fast Flux service networks (FFSNs) are used by adversaries to achieve a ...

Please sign up or login with your details

Forgot password? Click here to reset