Diavka et al., 2024 - Google Patents
Comprehensive ransomware detection using dynamic behavior profiling
Diavka et al., 2024
- Document ID
- 17182117164226518882
- Author
- Diavka C
- Whitaker S
- Langford O
- Blackwood S
- Wainwright V
- Kingsley W
- Publication year
Snippet
The proliferation of sophisticated cyber threats necessitates the development of advanced detection mechanisms capable of identifying and mitigating ransomware attacks. The Adaptive Ransomware Detection (ARD) framework employs dynamic behavior profiling and …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Similar Documents
Publication | Title | Publication Date |
---|---|---|
US11785040B2 (en) | Systems and methods for cyber security alert triage | |
Neweva et al. | Forensic analysis of live ransomware attacks on linux-based laptop systems: Techniques and evaluation | |
Keyogeg et al. | Automated detection of ransomware in windows active directory domain services using log analysis and machine learning | |
Wiles et al. | Ransomware detection using network traffic analysis and generative adversarial networks | |
Sarewap et al. | Efficient ransomware detection through dynamic file system traffic analysis: A methodological approach | |
Chen et al. | Detecting Stealthy Ransomware in IPFS Networks Using Machine Learning | |
Tarness et al. | Introducing dynamic entropy layer profiling: A novel approach for ransomware detection through behavioral feature analysis | |
Limer et al. | Automated ransomware detection using dynamic behavior trace profiling | |
Ramon et al. | Deep dynamic detection for real-time ransomware classification using recursive temporal contextualization | |
Shiring et al. | Adaptive ransomware detection using dynamic encryption pattern analysis | |
Alshehri et al. | Cyberattack Detection Framework Using Machine Learning and User Behavior Analytics. | |
Diavka et al. | Comprehensive ransomware detection using dynamic behavior profiling | |
Findlay et al. | Dynamic enclave partitioning for ransomware detection using adaptive behavioral segmentation | |
Gromov et al. | Novel approach for enhanced ransomware detection: Introducing adaptive pattern signature analysis | |
Schiller et al. | Dynamic encryption fingerprint analysis for autonomous ransomware detection through adaptive anomaly recognition | |
Mezheckaya et al. | Advanced autonomous detection of ransomware using dynamic threat pattern recognition | |
Kello et al. | An autonomous methodology to detect ransomware using temporal signature decomposition analysis | |
Bargamon et al. | Advanced ransomware detection through dynamic anomaly pattern discrimination | |
Solomon et al. | A new autonomous multi-layered cognitive detection mechanism for ransomware attacks | |
Azzaman et al. | Dynamic entropic signatures for ransomware detection: A novel computational framework | |
Anka et al. | Quantum-lattice feature extraction for ransomware detection using multi-dimensional cryptographic signatures | |
Shadow et al. | An adaptive ransomware detection method using dynamic entropy analysis | |
Shanks et al. | Innovative framework for ransomware detection using adaptive cryptographic behavior analysis | |
Kamysh et al. | Dynamic ransomware signature detection using anomaly-differential neural tensors | |
Walling et al. | A survey on intrusion detection systems: Types, datasets, machine learning methods for NIDS and challenges |