Attention in Recurrent Neural Networks for Ransomware Detection
| Title | Attention in Recurrent Neural Networks for Ransomware Detection |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Agrawal, R., Stokes, J. W., Selvaraj, K., Marinescu, M. |
| Conference Name | ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) |
| ISBN Number | 978-1-4799-8131-1 |
| Keywords | attention mechanisms, composability, Computer architecture, computer security, Deep Learning, deep learning methods, Human Behavior, invasive software, learning (artificial intelligence), Logic gates, Long short-term memory, LSTM, LSTM models, malicious software, malware detection, Metrics, Microprocessors, organizational level, pattern locks, pubcrawl, ransomware, ransomware attacks, ransomware detection, ransomware executables, ransomware sequences, recurrent neural nets, Recurrent neural networks, Resiliency, Scalability, user access, Windows environment |
| Abstract | Ransomware, as a specialized form of malicious software, has recently emerged as a major threat in computer security. With an ability to lock out user access to their content, recent ransomware attacks have caused severe impact at an individual and organizational level. While research in malware detection can be adapted directly for ransomware, specific structural properties of ransomware can further improve the quality of detection. In this paper, we adapt the deep learning methods used in malware detection for detecting ransomware from emulation sequences. We present specialized recurrent neural networks for capturing local event patterns in ransomware sequences using the concept of attention mechanisms. We demonstrate the performance of enhanced LSTM models on a sequence dataset derived by the emulation of ransomware executables targeting the Windows environment. |
| URL | https://ieeexplore.ieee.org/document/8682899 |
| DOI | 10.1109/ICASSP.2019.8682899 |
| Citation Key | agrawal_attention_2019 |
- Metrics
- Windows environment
- user access
- Scalability
- Resiliency
- Recurrent neural networks
- recurrent neural nets
- ransomware sequences
- ransomware executables
- ransomware detection
- ransomware attacks
- Ransomware
- pubcrawl
- pattern locks
- organizational level
- Microprocessors
- attention mechanisms
- malware detection
- malicious software
- LSTM models
- LSTM
- Long short-term memory
- Logic gates
- learning (artificial intelligence)
- invasive software
- Human behavior
- deep learning methods
- deep learning
- computer security
- computer architecture
- composability