Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls
Joint Authors
Shah, Dilawar
Salam, Abdu
Javaid, Qaisar
Ahmad, Masood
Sarwar, Nadeem
Ullah, Faizan
Abrar, Muhammad
Source
Issue
Vol. 2020, Issue 2020 (31 Dec. 2020), pp.1-10, 10 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2020-08-01
Country of Publication
Egypt
No. of Pages
10
Main Subjects
Abstract EN
Ransomware (RW) is a distinctive variety of malware that encrypts the files or locks the user’s system by keeping and taking their files hostage, which leads to huge financial losses to users.
In this article, we propose a new model that extracts the novel features from the RW dataset and performs classification of the RW and benign files.
The proposed model can detect a large number of RW from various families at runtime and scan the network, registry activities, and file system throughout the execution.
API-call series was reutilized to represent the behavior-based features of RW.
The technique extracts a fourteen-feature vector at runtime and analyzes it by applying online machine learning algorithms to predict the RW.
To validate the effectiveness and scalability, we test 78550 recent malign and benign RW and compare with the random forest and AdaBoost, and the testing accuracy is extended at 99.56%.
American Psychological Association (APA)
Ullah, Faizan & Javaid, Qaisar & Salam, Abdu & Ahmad, Masood & Sarwar, Nadeem & Shah, Dilawar…[et al.]. 2020. Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls. Scientific Programming, Vol. 2020, no. 2020, pp.1-10.
https://search.emarefa.net/detail/BIM-1209198
Modern Language Association (MLA)
Ullah, Faizan…[et al.]. Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls. Scientific Programming No. 2020 (2020), pp.1-10.
https://search.emarefa.net/detail/BIM-1209198
American Medical Association (AMA)
Ullah, Faizan & Javaid, Qaisar & Salam, Abdu & Ahmad, Masood & Sarwar, Nadeem & Shah, Dilawar…[et al.]. Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls. Scientific Programming. 2020. Vol. 2020, no. 2020, pp.1-10.
https://search.emarefa.net/detail/BIM-1209198
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1209198