This research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks that report on the accuracy rate of detecting ransomware, the proposed framework features a multiple voting platform for the validation of confidence levels in the accuracy detection rates. The proposed framework achieves high accuracy levels than other machine learning models for the detection of ransomware.
History
Journal
Concurrency and Computation: Practice and Experience