Title: Detecting Ransomware Execution in a Timely Manner

Abstract: Ransomware has been an ongoing issue since the early 1990s. In recent times, ransomware has spread from traditional computational resources to cyber-physical systems and industrial controls. We devised a series of experiments in which virtual instances are infected with ransomware. We instrumented the instances and collected resource utilization data across a variety of metrics (CPU, Memory, Disk Utility). We design a change point detection and learning method for identifying ransomware execution. Finally, we evaluate and demonstrate its ability to detect ransomware efficiently in a timely manner when trained on a minimal set of samples. Our results represent a step forward for defense, and we conclude with further remarks for the path forward.
Comments: 12 Pages, 9 Figures
Subjects: Cryptography and Security (cs.CR); Machine Learning (cs.LG)
Cite as: arXiv:2201.04424 [cs.CR]
  (or arXiv:2201.04424v1 [cs.CR] for this version)

Submission history

From: Tony Melaragno
[v1] Wed, 12 Jan 2022 11:40:59 GMT (2198kb,D)
