Title | Detecting Ransomware Using Support Vector Machines |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Takeuchi, Yuki, Sakai, Kazuya, Fukumoto, Satoshi |
Conference Name | Proceedings of the 47th International Conference on Parallel Processing Companion |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-6523-9 |
Keywords | composability, malware detection, Metrics, pubcrawl, ransomware, Resiliency, Support vector machines |
Abstract | Ransomware is the most prevalent malicious software in 2017 that encrypts the files in a victim's machine and demands money, i.e., ransom, for decrypting the files. The global damage cost and financial losses of individuals and organizations due to ransomware are increasing year by year. Therefore, fighting against ransomware is an urgent issue. In this paper, we propose a ransomware detection scheme using support vector machines (SVMs), which is one of the supervised machine learning algorithms. The key idea of the proposed scheme is to let an SVM learn the API calls of ransomware as its features so that the SVM detects unseen ransomware. Unlike the existing solutions, our scheme looks into the API call history in more detail. The testbeds using 276 real ransomware with a sandbox demonstrate that the proposed scheme improves the correct detection rate of ransomware. |
URL | http://doi.acm.org/10.1145/3229710.3229726 |
DOI | 10.1145/3229710.3229726 |
Citation Key | takeuchi_detecting_2018 |