Deakin University
Browse

File(s) under permanent embargo

VoterChoice: A ransomware detection honeypot with multiple voting framework

journal contribution
posted on 2020-07-25, 00:00 authored by Allan Ng, Sutharshan RajasegararSutharshan Rajasegarar, Lei PanLei Pan, Frank JiangFrank Jiang, Leo ZhangLeo Zhang
This research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks that report on the accuracy rate of detecting ransomware, the proposed framework features a multiple voting platform for the validation of confidence levels in the accuracy detection rates. The proposed framework achieves high accuracy levels than other machine learning models for the detection of ransomware.

History

Journal

Concurrency and Computation: Practice and Experience

Volume

32

Issue

14

Article number

e5726

Pagination

1 - 29

Publisher

Wiley

Location

Hoboken, N.J.

Publisher DOI

ISSN

1532-0626

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2020, John Wiley & Sons, Ltd.

Usage metrics

    Research Publications

    Categories

    Keywords

    dynamic analysismachine learningmalwareransomwarestatic analysisScience & TechnologyTechnologyComputer Science, Software EngineeringComputer Science, Theory & MethodsComputer ScienceArtificial Intelligence and Image ProcessingComputer SoftwareDistributed Computing

    Licence

    All Rights Reserved

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC