Large scale ransomware detection by cognitive security


Abstract:

Ransomware attacks [14] are increasing every day. This type of threat exploits system vulnerabilities, especially in systems based on Microsoft Windows. Since May 2017, millions of computers around the world have been affected by this virus. For this reason, creating mechanisms that act proactively is necessary to prevent it from spreading widely. The proposed research will create a model for ransomware detection and prevention. It will analyze unstructured data stored in the logs of the Ecuadorian control and regulatory institution (EcuCERT). It will also create a corpus to detect behavior patterns of the main vulnerabilities related to ransomware [26] [27] found in Microsoft Windows systems [20], using machine learning techniques. Methods for selecting important variables inside the logs will be used to decide which features best represent the data that makes up the threat. These variables will form the corpus and will be the input to the machine learning algorithms. The algorithms will model patterns that serve to detect ransomware early, before it hijacks the data. Finally, the researcher will report the detection of the threat.

Year of publication:

2017

Keywords:

  • Data Mining
  • LOGS
  • ransomware
  • classification
  • Machine learning

Source:

Scopus

Document type:

Conference Object

Status:

Restricted access

Knowledge areas:

  • Artificial intelligence
  • Computer science

Subject areas:

  • Computer programming, programs, data, security
  • Operations of libraries and archives
  • Other social problems and services