Comprehensive Analysis of Advanced Techniques and Vital Tools for Detecting Malware Intrusion

Vasani, Vatsal; Bairwa, Amit Kumar; Joshi, Sandeep; Pljonkin, Anton; Kaur, Manjit; Amoon, Mohammed

doi:10.3390/electronics12204299

Cited by 6 publications

(3 citation statements)

References 68 publications

(78 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Studies revealed that dynamic analysis methods, leveraging behavioral patterns and system interactions, offered promising results in identifying ransomware with high accuracy [10], [15], [16], [17]. Research on static analysis, focusing on examining the code without execution, also contributed to early detection capabilities but faced limitations due to obfuscation techniques used by malware authors [18], [19], [20], [21]. Hybrid approaches, combining both static and dynamic analysis, were identified as comprehensive solutions, enhancing detection rates and reducing false positives [17], [22], [23].…”

Section: A Detection Techniques and Toolsmentioning

confidence: 99%

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Xu,

Wang

2024

Preprint

View full text Add to dashboard Cite

This study introduces an innovative approach to ransomware detection on Windows operating systems by leveraging Generative Adversarial Networks (GANs) to analyze file system I/O Request Packet (IRP) operations. The proposed method demonstrates a significant improvement in identifying ransomware activities through the dynamic monitoring of IRP operations, distinguishing between benign and malicious behaviors with high accuracy. The research highlights the application of GANs as a powerful tool in cybersecurity, capable of adapting to evolving ransomware tactics without the need for predefined threat signatures. Through rigorous testing, the model showcased notable advancements over traditional detection methods, indicating its potential to enhance real-world cybersecurity defenses. The findings suggest a shift towards more adaptive, machine learning-based solutions for combating the increasing complexity of cyber threats.

show abstract

Section: A Detection Techniques and Toolsmentioning

confidence: 99%

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Xu,

Wang

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Historical analyses of ransomware mitigation strategies highlighted the initial reliance on signature-based detection methods, which were quickly found to be ineffective against polymorphic and zero-day attacks [26,27,28,29]. The development of behavior-based detection tools represented a significant advancement, offering the ability to identify ransomware based on its actions rather than its signature [1,30,31].…”

Section: Existing Ransomware Detection and Prevention Toolsmentioning

confidence: 99%

RanAway: A Novel Ransomware-Resilient ReFS File System

Long,

Liang

2024

Preprint

View full text Add to dashboard Cite

Ransomware has emerged as a pervasive threat in the cybersecurity landscape, characterized by its ability to encrypt critical data and demand ransom for its release. Traditional cybersecurity defenses often fall short against sophisticated ransomware attacks due to their reliance on signature-based detection mechanisms and inadequate preventive measures. This paper introduces RanAway, an innovative solution designed to enhance ransomware resilience by leveraging the advanced features of the Microsoft Resilient File System (ReFS). Unlike conventional file systems, ReFS offers enhanced data integrity, automatic error correction, and robust resistance to data degradation—features that are crucial for mitigating the impact of ransomware attacks. RanAway integrates with ReFS to provide real-time monitoring of file system operations, employing heuristic and behavior-based algorithms to detect and prevent ransomware activities effectively. Our findings demonstrate RanAway's significant potential in reducing the risk of ransomware attacks, highlighting its contributions to the field of cybersecurity through innovative use of file system technologies for threat resilience. The deployment of RanAway represents a paradigm shift towards a more integrated and system-level approach in combating ransomware, offering a blueprint for future developments in cybersecurity defenses.

show abstract

“…In the field of malware detection using deep learning, there are several challenges that need to be addressed and promising avenues for future research [23, [73][74][75][76][77][78][79][80][81][82][83][84][85]. Figure 5 illustrates the open challenges associated with the deep learning-powered malware detection in cyberspace.…”

Section: Open Challengesmentioning

confidence: 99%

Deep learning-powered malware detection in cyberspace: a contemporary review

Redhu,

Choudhary,

Srinivasan

et al. 2024

Front. Phys.

View full text Add to dashboard Cite

This article explores deep learning models in the field of malware detection in cyberspace, aiming to provide insights into their relevance and contributions. The primary objective of the study is to investigate the practical applications and effectiveness of deep learning models in detecting malware. By carefully analyzing the characteristics of malware samples, these models gain the ability to accurately categorize them into distinct families or types, enabling security researchers to swiftly identify and counter emerging threats. The PRISMA 2020 guidelines were used for paper selection and the time range of review study is January 2015 to Dec 2023. In the review, various deep learning models such as Recurrent Neural Networks, Deep Autoencoders, LSTM, Deep Neural Networks, Deep Belief Networks, Deep Convolutional Neural Networks, Deep Generative Models, Deep Boltzmann Machines, Deep Reinforcement Learning, Extreme Learning Machine, and others are thoroughly evaluated. It highlights their individual strengths and real-world applications in the domain of malware detection in cyberspace. The review also emphasizes that deep learning algorithms consistently demonstrate exceptional performance, exhibiting high accuracy and low false positive rates in real-world scenarios. Thus, this article aims to contribute to a better understanding of the capabilities and potential of deep learning models in enhancing cybersecurity efforts.

show abstract

Comprehensive Analysis of Advanced Techniques and Vital Tools for Detecting Malware Intrusion

Cited by 6 publications

References 68 publications

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

RanAway: A Novel Ransomware-Resilient ReFS File System

Deep learning-powered malware detection in cyberspace: a contemporary review

Contact Info

Product

Resources

About