Biblio
Filters: Author is Sakai, Kazuya [Clear All Filters]
Detecting Ransomware Using Support Vector Machines. Proceedings of the 47th International Conference on Parallel Processing Companion. :1:1–1:6.
.
2018. Ransomeware is the most prevalent malicious software in 2017 that encrypts the files in a victim's machine and demands money, i.e., ransom, for decrypting the files. The global damage cost and financial losses of individuals and organizations due to ransomware is increasing year by year. Therefore, fighting against ransomware is an urgent issue. In this paper, we propose a ransomware detection scheme using support vector machines (SVMs), which is one of supervised machine learning algorithms. The key idea of the proposed scheme is to let a SVM learn the API calls of ransomware as its features so that the SVM detects unseen ransomware. Unlike the existing solutions, our scheme looks into the API call history in more detail. The testbeds using real 276 ransomware with San-box demonstrate that the proposed scheme improves the correct detection rate of ransomware.