File(s) under permanent embargo
VoterChoice: A ransomware detection honeypot with multiple voting framework
journal contribution
posted on 2020-07-25, 00:00 authored by Allan Ng, Sutharshan RajasegararSutharshan Rajasegarar, Lei PanLei Pan, Frank JiangFrank Jiang, Leo ZhangLeo ZhangThis research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks that report on the accuracy rate of detecting ransomware, the proposed framework features a multiple voting platform for the validation of confidence levels in the accuracy detection rates. The proposed framework achieves high accuracy levels than other machine learning models for the detection of ransomware.