Event Details
Intelligent Endpoint-based Ransomware Detection Framework
Presenter: Faith Okpongete
Supervisor:
Date: Mon, July 18, 2022
Time: 09:00:00 - 10:00:00
Place: via Zoom - please see link below
ABSTRACT
Join Zoom Meeting
Meeting ID: 898 3738 8478
Password: 922431
​â¶Ä‹Abstract:​ Over the past couple of decades, ransomware attacks have increased significantly and that
calls for more aggressive efforts in building robust detection models to detect and reduce the
impact of the attacks. Once attacked, the malware takes over the victims' machines and files
by locking or encrypting them. These attacks have also led to huge global financial loss for
people, businesses, and governments of nations. The cybercriminals who perpetrate these
attacks always demand payment of some ransom in cryptocurrency. Presently, there are
three common methods for detecting these ransomware attacks viz static, dynamic, and hybrid
detections. Static detection is known to evade detection easily by cryptographic techniques
and that is why dynamic detection was adopted for this project. We trained and tested
offline a detection model using the ISOT Ransomware dataset and implemented the proposed
model as a standalone endpoint detector. The detector was deployed and evaluated online
using new samples from the wild, whereby Cuckoo Sandbox was used to execute and extract
the malware features during the experiment. The online evaluation confirmed the offline
performance results, which were very encouraging.