0 Contact Us

An Intelligent Crypto-Locker Ransomware Detection Technique using Support Vector Machine Classification and Grey Wolf Optimization Algorithms

Abdullahi Mohammed Maigida*, Shafi’i Muhammad Abdulhamid**, Morufu Olalere***, Idris Ismaila****
*-**-***-****Lecturer, Department of Cyber Security Science, Federal University of Technology Minna, Nigeria.
Periodicity:January - March'2019
DOI : https://doi.org/10.26634/jse.13.3.15685

Abstract

Ransomware is advanced malicious software which comes in different forms, with the intention to attack and take control of basic infrastructures and computer systems. The majority of these threats are meant to extort money from their victims by asking for a ransom in exchange for decryption keys. Most of the techniques deployed to detect this could not completely prevent ransomware attacks because of its obfuscation techniques. In this research work, an intelligent crypto-locker ransomware detection technique using Support Vector Machine (SVM) and Grey Wolf Optimization (GWO) algorithm is proposed to overcome the malware obfuscation technique because of its ability to learn, train and fit dataset based on the observed features. The proposed technique has shown remarkable prospects in detecting cryptolocker ransomware attacks with high true positive and low false positive rate.

Keywords

 Support Vector Machine, Greywolf Optimization, Ransomware, Crypto-locker, Malware.

How to Cite this Article?

 Maigida, A. M., Abdulhamid, S. M., Olalere, M., Ismaila, I. (2019). An Intelligent Crypto-Locker Ransomware Detection Technique using Support Vector Machine Classification and Grey Wolf Optimization Algorithms, i-manager's Journal on Software Engineering, 13(3), 15-23. https://doi.org/10.26634/jse.13.3.15685

References
[1]. Ahmadian, M. M., & Shahriari, H. R. (2016, September). 2entFOX: A framework for high survivable ransomwares detection. In Information Security and Cryptology (ISCISC), 2016 13th International Iranian Society of Cryptology Conference on (pp. 79-84). IEEE.
[2]. Al-rimy, B. A. S., & Maarof, M. A. (2018). Recent Trends in Information and Communication Technology, 5.
[3]. Bhardwaj, A., Avasthi, V., Sastry, H., & Subrahmanyam, G. V. B. (2016). Ransomware digital extortion: a rising new age threat. Indian Journal of Science and Technology, 9(14), 1-5.
[4]. Boswell, D. (2002). Introduction to support vector machines. Department of Computer Science and Engineering, University of California San Diego. Retrieved from http://www.work.caltech.edu/~boswell/IntroTo SVM.pdf
[5]. Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network Security, 2016(9), 5-9.
[6]. Cabaj, K., Gregorczyk, M., & Mazurczyk, W. (2018). Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics. Computers & Electrical Engineering, 66, 353-368.
[7]. Continella, A., Guagnelli, A., Zingaro, G., De Pasquale, G., Barenghi, A., Zanero, S., & Maggi, F. (2016, December). ShieldFS: a self-healing, ransomware-aware nd filesystem. In Proceedings of the 32nd Annual Conference on Computer Security Applications (pp. 336-347). ACM.
[8]. Ferrante A., Malek M., Martinelli F., Mercaldo F., Milosevic J. (2018). [Extinguishing Ransomware - A Hybrid Approach to Android Ransomware Detection. In Imine A., Fernandez J., Marion JY., Logrippo L., Garcia-Alfaro J. (Eds) Foundations and Practice of Security. FPS 2017. Lecture Notes in Computer Science, Vol 10723. Springer, Cham
[9]. Hong, S., Liu, C., Ren, B., & Chen, J. (2017, June). Poster: Sdguard: An Android Application Implementing Privacy Protection and Ransomware Detection. In Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services (pp. 149- 149). ACM.
[10]. Kharraz, A., & Kirda, E. (2017, September). Redemption: real-time protection against ransomware at end-hosts. In International Symposium on Research in Attacks, Intrusions, and Defenses (pp. 98-119). Springer, Cham.
[11]. Kharraz, A., Arshad, S., Mulliner, C., Robertson, W. K., & Kirda, E. (2016, August). UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware. In USENIX Security Symposium (pp. 757-772).
[12]. Kiraz, M. S., Genç, Z. A., & Öztürk, E. (2017). Detecting Large Integer Arithmetic for Defense Against Crypto Ransomware. Cr yptology ePrint Archive, Report 2017/558.(2017).
[13]. Kolodenker, E., Koch, W., Stringhini, G., & Egele, M. (2017, April). PayBreak: defense against cryptographic ransomware. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (pp. 599-611). ACM.
[14]. Mirjalili, S., Mirjalili, S. M., & Lewis, A. (2014). Grey wolf optimizer. Advances in Engineering Software, 69, 46-61.
[15]. Moore, C. (2016, August). Detecting ransomware with honey pot techniques. In Cybersecurity and Cyberforensics Conference (CCC), 2016 (pp. 77-81). IEEE.
[16]. Patyal, M., Sampalli, S., Ye, Q., & Rahman, M. (2017). Multi-layered defense architecture against ransomware. International Journal of Business and Cyber Security,1(2), 52–64.
[17]. Richardson, R., & North, M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10-21.
[18]. Savage, K., Coogan, P., & Lau, H. (2015). The Evolution of Ransomware, Symantec. Retrieved from http://www.symantec.com/content/en/us/enterprise/medi a/security_response/whitepapers/the-evolution-ofransomware. pdf
[19]. Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016, June). Cryptolock (and drop it): stopping ransomware attacks on user data. In Distributed Computing Systems th (ICDCS), 2016 IEEE 36 International Conference on (pp. 303-312). IEEE.
[20]. Sgandurra, D., Muñoz-González, L., Mohsen, R., & Lupu, E. C. (2016). Automated dynamic analysis of ransomware: Benefits, limitations and use for detection. arXiv preprint arXiv:1609.03020.
[21]. Shaukat, S. K., & Ribeiro, V. J. (2018, January). RansomWall: A layered defense system against cryptographic ransomware attacks using machine learning. In Communication Systems & Networks th (COMSNETS), 2018 10 International Conference on (pp. 356-363). IEEE.
[22]. The Business Times. (2017). How Ransomware Works. New York City, Retrieved from https://www.businesstimes. com.sg/infographics/how-ransomware-works
[23]. Weckstén, M., Frick, J., Sjöström, A., & Järpe, E. (2016, October). A novel method for recovery from Crypto Ransomware infections. In Computer and Communications (ICCC), 2016 2nd IEEE International Conference on (pp. 1354-1358). IEEE.
[24]. Yang, T., Yang, Y., Qian, K., Lo, D. C. T., Qian, Y., & Tao, L. (2015, August). Automated detection and analysis for android ransomware. In High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on (pp. 1338-1343). IEEE.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe 		India Rest of world
USD EUR INR USD-ROW
Pdf 35 35 200 20
Online 35 35 200 15
Pdf & Online 35 35 400 25
ADD TO CART

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.
Submit New Paper Track Paper Status Buy Journal Track Your Subscription Journal Archive
Authors Institutions/Librarians Agents Conferences
About Us Careers Contact FAQ Terms and Conditions Privacy Policy Refund & cancellation Policy