Biblio
The fast growing of ransomware attacks has become a serious threat for companies, governments and internet users, in recent years. The increasing of computing power, memory and etc. and the advance in cryptography has caused the complicating the ransomware attacks. Therefore, effective methods are required to deal with ransomwares. Although, there are many methods proposed for ransomware detection, but these methods are inefficient in detection ransomwares, and more researches are still required in this field. In this paper, we have proposed a novel method for identify ransomware from benign software using process mining methods. The proposed method uses process mining to discover the process model from the events logs, and then extracts features from this process model and using these features and classification algorithms to classify ransomwares. This paper shows that the use of classification algorithms along with the process mining can be suitable to identify ransomware. The accuracy and performance of our proposed method is evaluated using a study of 21 ransomware families and some benign samples. The results show j48 and random forest algorithms have the best accuracy in our method and can achieve to 95% accuracy in detecting ransomwares.
In the multi-cloud tenancy environments, Web Service offers an standard approach for discovering and using capabilities in an environment that transcends ownership domains. This brings into concern the ownership and security related to Web Service governance. Our approach for this issue involves an ESB-integrated middleware for security criteria regulation on Clouds. It uses an attribute-based security policy model for the exhibition of assets consumers' security profiles and deducing service accessing decision. Assets represent computing power/functionality and information/data provided by entities. Experiments show the middleware to bring minor governance burdens on the hardware aspect, as well as better performance with colosum scaling property, dealing well with cumbersome policy files, which is probably the situation of complex composite service scenarios.