loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Jiaxing Zhou 1 ; Miyuki Hirose 1 ; Yoshio Kakizaki 1 and Atsuo Inomata 2

Affiliations: 1 Tokyo Denki University, 5 Senju Asahicho, Adachiku, Tokyo, Japan ; 2 Osaka University, 1-1 Yamadaoka, Suita, Osaka, Japan

Keyword(s): Ransomware, Subspecies, SVM, Pearson Correlation Coefficient.

Abstract: Research into ransomware subspecies classification is ongoing in many organizations, but it is proving difficult to extract feature quantities from specimens and the accuracy achieved thus far remains unsatisfactory. In this paper, we propose a method to classify subspecies that using the correlation coefficient between API groups calculated by Application Programming Interfaces (API) frequencies as the Support Vector Machines’ (SVM) feature quantities. The motivation for using the correlation coefficient between API groups as the feature quantity is that different ransomware families have different behavior patterns that can be reflected by the correlation between API groups. Based on the results of an evaluation experiment, we found that the accuracy of the proposed method was 98%, proving that the subspecies were classified correctly. Otherwise, it is determined that the contribution of each API for classifying ransomware families is different via analysis of the contribution of A PI. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.133.141.6

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Zhou, J.; Hirose, M.; Kakizaki, Y. and Inomata, A. (2020). Evaluation to Classify Ransomware Variants based on Correlations between APIs. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-399-5; ISSN 2184-4356, SciTePress, pages 465-472. DOI: 10.5220/0008959904650472

@conference{icissp20,
author={Jiaxing Zhou. and Miyuki Hirose. and Yoshio Kakizaki. and Atsuo Inomata.},
title={Evaluation to Classify Ransomware Variants based on Correlations between APIs},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP},
year={2020},
pages={465-472},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008959904650472},
isbn={978-989-758-399-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP
TI - Evaluation to Classify Ransomware Variants based on Correlations between APIs
SN - 978-989-758-399-5
IS - 2184-4356
AU - Zhou, J.
AU - Hirose, M.
AU - Kakizaki, Y.
AU - Inomata, A.
PY - 2020
SP - 465
EP - 472
DO - 10.5220/0008959904650472
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic