A Kings Ransom for Encryption: Ransomware Classification using Augmented One-Shot Learning and Bayesian Approximation

Authors: Stephen Bonner, Amir Atapour-Abarghouei, Andrew Stephen McGough

Abstract: Newly emerging variants of ransomware pose an ever-growing threat to computer systems governing every aspect of modern life through the handling and analysis of big data. While various recent security-based approaches have focused on detecting and classifying ransomware at the network or system level, easy-to-use post-infection classification for the lay user has not been attempted before. In this paper, we investigate the possibility of classifying the ransomware a system is infected with simply based on a screenshot of the splash screen or ransom note captured using a consumer camera commonly found in any mobile device. To train and evaluate our system, we create a sample dataset of the splash screens of 50 well-known ransomware variants. In our dataset, only a single training image is available per ransomware. Instead of creating a large dataset of screenshots, we simulate capture conditions via carefully designed data augmentation techniques, enabling simple and efficient one-shot learning. Moreover, using model uncertainty obtained via Bayesian approximation, we ensure special input cases such as unrelated non-ransomware images and previously-unseen variants are correctly identified and not mis-classified. Extensive experimental evaluation demonstrates the efficacy of our work, with accuracy levels of up to 93.6% for classification.