Deakin University
Browse

VoterChoice: A ransomware detection honeypot with multiple voting framework

Version 2 2024-06-06, 03:13
Version 1 2020-04-07, 23:00
journal contribution
posted on 2024-06-06, 03:13 authored by C Keong Ng, Sutharshan RajasegararSutharshan Rajasegarar, Lei PanLei Pan, Frank JiangFrank Jiang, Leo ZhangLeo Zhang
This research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks that report on the accuracy rate of detecting ransomware, the proposed framework features a multiple voting platform for the validation of confidence levels in the accuracy detection rates. The proposed framework achieves high accuracy levels than other machine learning models for the detection of ransomware.

History

Journal

Concurrency and Computation: Practice and Experience

Volume

32

Article number

ARTN e5726

Pagination

1 - 29

Location

Hoboken, N.J.

ISSN

1532-0626

eISSN

1532-0634

Language

English

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2020, John Wiley & Sons, Ltd.

Issue

14

Publisher

WILEY