VoterChoice: A ransomware detection honeypot with multiple voting framework

Summary This research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks...

Full description

Saved in:
Bibliographic Details
Published in:Concurrency and computation 2020-07, Vol.32 (14), p.n/a
Main Authors: Keong Ng, Chee, Rajasegarar, Sutharshan, Pan, Lei, Jiang, Frank, Zhang, Leo Yu
Format: Article
Language:English
Subjects:
Accuracy
Confidence intervals
dynamic analysis
Interception
Machine learning
Malware
Model accuracy
Ransomware
static analysis
Voting
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Summary This research presents a novel framework comprising the IPS gateway, analysis system, and honeypot for identifying and detecting ransomware based on the client honeypot concept, and active interception of downloads using Suricata inline intruder prevention system. Unlike previous frameworks that report on the accuracy rate of detecting ransomware, the proposed framework features a multiple voting platform for the validation of confidence levels in the accuracy detection rates. The proposed framework achieves high accuracy levels than other machine learning models for the detection of ransomware.
ISSN:1532-0626
1532-0634
DOI:10.1002/cpe.5726