Ransomware Early Detection Method Based on Deep Learning
In recent years,ransomware is becoming increasingly prevalent,causing serious economic losses.Since files encrypted by ransomware are difficult to recover,how to timely and accurately detect ransomware is a hot point nowadays.To improve the timeliness and accuracy of ransomware detection,this paper...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial office of Computer Science
2023-03-01
|
| Series: | Jisuanji kexue |
| Subjects: | |
| Online Access: | https://www.jsjkx.com/fileup/1002-137X/PDF/1002-137X-2023-50-3-391.pdf |
| _version_ | 1797845101474480128 |
|---|---|
| author | LIU Wenjing, GUO Chun, SHEN Guowei, XIE Bo, LYU Xiaodan |
| author_facet | LIU Wenjing, GUO Chun, SHEN Guowei, XIE Bo, LYU Xiaodan |
| author_sort | LIU Wenjing, GUO Chun, SHEN Guowei, XIE Bo, LYU Xiaodan |
| collection | DOAJ |
| description | In recent years,ransomware is becoming increasingly prevalent,causing serious economic losses.Since files encrypted by ransomware are difficult to recover,how to timely and accurately detect ransomware is a hot point nowadays.To improve the timeliness and accuracy of ransomware detection,this paper analyzes the behavior of ransomware family and benign software in the early stage of operation and proposes a ransomware early detection method based on deep learning(REDMDL).REDMDL takes a certain length of application programming interface(API) sequence that is obtained by software running at the initial stage as input,combines word vector and position vector to vectorize the collected API sequence,and then constructs a convolutional neural network-long short term memory(CNN-LSTM) neural network model for early detection of ransomware.Experimental results show that REDMDL can accurately determine whether the software is ransomware or benign within seconds after it star-ting to run. |
| first_indexed | 2024-04-09T17:33:06Z |
| format | Article |
| id | doaj.art-f5f2c2d316ab48769fe795b42506e6d2 |
| institution | Directory Open Access Journal |
| issn | 1002-137X |
| language | zho |
| last_indexed | 2024-04-09T17:33:06Z |
| publishDate | 2023-03-01 |
| publisher | Editorial office of Computer Science |
| record_format | Article |
| series | Jisuanji kexue |
| spelling | doaj.art-f5f2c2d316ab48769fe795b42506e6d22023-04-18T02:33:25ZzhoEditorial office of Computer ScienceJisuanji kexue1002-137X2023-03-0150339139810.11896/jsjkx.220200182Ransomware Early Detection Method Based on Deep LearningLIU Wenjing, GUO Chun, SHEN Guowei, XIE Bo, LYU Xiaodan0State Key Laboratory of Public Big Data,College of Computer Science and Technology,Guizhou University,Guiyang 550025,ChinaIn recent years,ransomware is becoming increasingly prevalent,causing serious economic losses.Since files encrypted by ransomware are difficult to recover,how to timely and accurately detect ransomware is a hot point nowadays.To improve the timeliness and accuracy of ransomware detection,this paper analyzes the behavior of ransomware family and benign software in the early stage of operation and proposes a ransomware early detection method based on deep learning(REDMDL).REDMDL takes a certain length of application programming interface(API) sequence that is obtained by software running at the initial stage as input,combines word vector and position vector to vectorize the collected API sequence,and then constructs a convolutional neural network-long short term memory(CNN-LSTM) neural network model for early detection of ransomware.Experimental results show that REDMDL can accurately determine whether the software is ransomware or benign within seconds after it star-ting to run.https://www.jsjkx.com/fileup/1002-137X/PDF/1002-137X-2023-50-3-391.pdfransomware|early detection|cnn|lstm|api |
| spellingShingle | LIU Wenjing, GUO Chun, SHEN Guowei, XIE Bo, LYU Xiaodan Ransomware Early Detection Method Based on Deep Learning Jisuanji kexue ransomware|early detection|cnn|lstm|api |
| title | Ransomware Early Detection Method Based on Deep Learning |
| title_full | Ransomware Early Detection Method Based on Deep Learning |
| title_fullStr | Ransomware Early Detection Method Based on Deep Learning |
| title_full_unstemmed | Ransomware Early Detection Method Based on Deep Learning |
| title_short | Ransomware Early Detection Method Based on Deep Learning |
| title_sort | ransomware early detection method based on deep learning |
| topic | ransomware|early detection|cnn|lstm|api |
| url | https://www.jsjkx.com/fileup/1002-137X/PDF/1002-137X-2023-50-3-391.pdf |
| work_keys_str_mv | AT liuwenjingguochunshenguoweixiebolyuxiaodan ransomwareearlydetectionmethodbasedondeeplearning |