Convolutional Neural Network-Based Cryptography Ransomware Detection for Low-End Embedded Processors
作者: Kyoungbae Jang , Hyunji Kim , Jaehoon Park , Hwajeong Seo , Hyeokdong Kwon
DOI: 10.3390/MATH9070705
关键词:
摘要: A crypto-ransomware has the process to encrypt victim’s files. Afterward, requests a ransom for password of encrypted files victims. In this paper, we present novel approach prevent by detecting block cipher algorithms Internet Things (IoT) platforms. We extract sequence and frequency characteristics from opcode binary 8-bit Alf Vegard’s RISC (AVR) processor microcontroller. other words, late fusion method is used two features one source data, learn through each network, integrate them. classify virus or harmless software proposed method. The general AVR packages implementations written in C language lightweight library (i.e., Fair Evaluation Lightweight Cryptographic Systems (FELICS)) are trained deep learning network evaluated. successfully classified training functions Furthermore, detect codes that file using ciphers. detection rate evaluated terms F-measure, which harmonic mean precision recall. not only achieved 97% success but also 80% classification cryptographic algorithm benign firmware. addition, Substitution-Permutation-Network (SPN) structure, Addition-Rotation-eXclusive-or structures (ARX) firmware 95%.
mdpi.com
sci-hub.st 参考文章(13)
Jason L Williams, John W Fisher, Alan S Willsky, Approximate Dynamic Programming for Communication-Constrained Sensor Network Management IEEE Transactions on Signal Processing. ,vol. 55, pp. 4300- 4311 ,(2007) , 10.1109/TSP.2007.896099
Juan Caballero, Pongsin Poosankam, Christian Kreibich, Dawn Song, Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering computer and communications security. pp. 621- 634 ,(2009) , 10.1145/1653662.1653737
Dmitry Khovratovich, Dumitru-Daniel Dinu, Alex Biryukov, Johann Groszschädl, Léo Paul Perrin, Yann Le Corre, FELICS - Fair Evaluation of Lightweight Cryptographic Systems ,(2015)
Engin Kirda, Sajjad Arshad, Amin Kharraz, Collin Mulliner, William Robertson, UNVEIL: a large-scale, automated approach to detecting ransomware usenix security symposium. pp. 757- 772 ,(2016)
Mattias Wecksten, Jan Frick, Andreas Sjostrom, Eric Jarpe, A novel method for recovery from Crypto Ransomware infections ieee international conference computer and communications. pp. 1354- 1358 ,(2016) , 10.1109/COMPCOMM.2016.7924925
Amin Azmoodeh, Ali Dehghantanha, Mauro Conti, Kim-Kwang Raymond Choo, Detecting crypto-ransomware in IoT networks based on energy consumption footprint Journal of Ambient Intelligence and Humanized Computing. ,vol. 9, pp. 1141- 1152 ,(2018) , 10.1007/S12652-017-0558-5
Ibrar Yaqoob, Ejaz Ahmed, Muhammad Habib ur Rehman, Abdelmuttlib Ibrahim Abdalla Ahmed, Mohammed Ali Al-garadi, Muhammad Imran, Mohsen Guizani, The rise of ransomware and emerging security challenges in the Internet of Things Computer Networks. ,vol. 129, pp. 444- 458 ,(2017) , 10.1016/J.COMNET.2017.09.003
Asma Zahra, Munam Ali Shah, IoT based ransomware growth rate evaluation and detection using command and control blacklisting international conference on automation and computing. pp. 1- 6 ,(2017) , 10.23919/ICONAC.2017.8082013
Alireza Karimi, Mohammad Hosein Moattar, Android ransomware detection using reduced opcode sequence and image similarity international conference on computer and knowledge engineering. pp. 229- 234 ,(2017) , 10.1109/ICCKE.2017.8167881
Amin Azmoodeh, Ali Dehghantanha, Kim-Kwang Raymond Choo, Robust Malware Detection for Internet of (Battlefield) Things Devices Using Deep Eigenspace Learning IEEE Transactions on Sustainable Computing. ,vol. 4, pp. 88- 95 ,(2019) , 10.1109/TSUSC.2018.2809665