Abstract
Ransomware has become one of the most influential and most potent cybersecurity threats, which, is expected to damage 20 Billion USD by 2021. The primary issue in dealing with these threats is that ransomware techniques are ever-evolving, and even if we develop a counter-mechanism against one ransomware, the next one will be completely immune to that technique. As a result, it is crucial to focus on broad-spectrum measures to detect and prevent ransomware of a wide variety. Artificial Intelligence can play a huge role in achieving this. Machine Learning is fast becoming a go-to method to detect ransomware; however, the techniques based on ML are generally limited to scanning. However, there are broader aspects to using this technique, work on which has been limited or has not been looked at yet. Another important aspect is preventing the ransomware from affecting the system files and spreading in the file system and preventing the ransomware from affecting the system files and spreading in the file system and protecting the files from the ransomware if prevention fails. Currently, there are no such techniques that provide detection, prevention, and protection in one suit. The method we propose highlights this aspect and aims to provide a complete solution to protect the users against ransomware attacks.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Al-rimy BAS, Maarof MA, Mohd-Shaid SZ (2018) Ransomware threat success factors, taxonomy, and countermeasures: a survey and research directions. Comp Secur 74:144–166
Bhardwaj A, Turjman A, Kumar M, Stephan T, Mostarda L (2020) Capturing-the-invisible : a novel approach for behavior-based attacks recognition in industrial control systems. IEEE Access 8(1):104956–104966. https://doi.org/10.1109/ACCESS.2020.2998983
Cabaj K, Gregorczyk M, Mazurczyk W (2018) Software-defined networking-based crypto ransomware detection using http traffic characteristics. Comput Electr Eng 66:353–368
Continella A, Guagnelli A, Zingaro G, De Pasquale G, Barenghi A, Zanero S, Maggi F (2016) “Shieldfs: a selfhealing, ransomware-aware filesystem,” In: Proc. 32nd Annual conference on computer security applications, pp. 336–347
Deverajan GG, Muthukumaran V, Hsu CH, Karuppiah M, Chung YC, Chen YH (2021) Public key encryption with equality test for industrial internet of things system in cloud computing. Trans Emerg Telecommun Technol. https://doi.org/10.1002/ett.4202
Firdausi I, Lim C, Erwin A, Nugroho AS (2010) “Analysis of machine learning techniques used in behavior-based malware detection,” In: Proc. Advances in computing, control and telecommunication technologies (ACT), 2010 Second International Conference, pp. 201–203, 2010
Gómez-Hernández JA, Álvarez-González L, García-Teodoro P (2018) R-locker: thwarting ransomware action through a honeyfile-based approach. Comp Secur 73:389–398
Idika N, Mathur AP (2007) A survey of malware detection techniques. Purdue Univers 48(2):32–46
Jyothsna VVRPV, Prasad VR, Prasad KM (2011) A review of anomaly-based intrusion detection systems. Int J Comp Appl 28(7):26–35
Kharaz A, Arshad S, Mulliner C, Robertson W, Kirda E (2016) “Unveil: a large-scale, automated approach to detecting ransomware,” In: Proc. USENIX security symposium, pp. 757–772
Kumar M, Alshehri M, AlGhamdi R, Sharma P, Deep V (2020) A de-ann inspired skin cancer detection approach using fuzzy c-means clustering. Mobile Netw Appl 25:1319–1329. https://doi.org/10.1007/s11036-020-01550-2
Li X, Zhu Q, Huang Y, Hu Y, Meng Q, Su C, Yang Q, Wu S, Liu X (2020) Research on the freezing phenomenon of quantum correlation by machine learning. CMC-Comp Mater Continua 65(3):2143–2151
Malina L, Srivastava G, Dzurenda P, Hajny J, Fujdiak R (2019) “A secure publish/subscribe protocol for internet of things,” In: Proc. of the 14th International conference on availability, reliability and security, pp. 1–10
Morato D, Berrueta E, Magaña E, Izal M (2018) Ransomware early detection by the analysis of file sharing traffic. J Netw Comput Appl 124:14–32
Moser A, Kruegel C, Kirda E (2007) “Limits of static analysis for malware detection,” In: Proc. twenty-third annual computer security applications conference (ACSAC), pp. 421–430
Nagarajan SM, Deverajan GG, Kumaran U, Thirunavukkarasan M, Alshehri MD, Alkhalaf S (2021) Secure data transmission in internet of medical things using RES-256 algorithm. IEEE Trans Ind Inf (Early Access). https://doi.org/10.1109/TII.2021.3126119
Reddy GT, Reddy MP, Lakshmanna K, Kaluri R, Rajput DS, Srivastava G, Baker T (2020) Analysis of dimensionality reduction techniques on big data. IEEE Access 8:54776–54788
Scaife N, Carter H, Traynor P, Butler KR (2016) “Cryptolock (and drop it): stopping ransomware attacks on user data,” In: Proc. distributed computing systems (ICDCS), In: IEEE 36th International conference, pp. 303–312
Selvaraj A, Patan R, Gandomi AH, Deverajan GG, Pushparaj M (2019) Optimal virtual machine selection for anomaly detection using a swarm intelligence approach. Appl Soft Comp 84:105686
Sharma P, Saxena K (2017) Application of fuzzy logic and genetic algorithm in heart disease risk level prediction. Int J Sys Assur Eng Manag 8(2):1109–1125
Tailor JP, Patel AD (2017) A comprehensive survey: ransomware attacks prevention, monitoring and damage control. Int J Res Sci Innov IV(November):2321–2705
Torres PE, Yoo SG (2017) Detecting and neutralizing encrypting ransomware attacks by using machine-learning techniques: a literature review. Int J Appl Eng Res 12(18):7902–7911
Funding
The authors received no specific funding for this study.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflicts of interest
The authors declare that they have no conflicts of interest to report regarding the present study.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Sharma, P., Kapoor, S. & Sharma, R. Ransomware detection, prevention and protection in IoT devices using ML techniques based on dynamic analysis approach. Int J Syst Assur Eng Manag 14, 287–296 (2023). https://doi.org/10.1007/s13198-022-01793-0
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13198-022-01793-0