Version 1
Received: 11 November 2023 / Approved: 16 November 2023 / Online: 20 November 2023 (11:06:27 CET)
How to cite:
Wang, F. Enhanced Ransomware Identification via Feature Extraction with Class Feature Weighting. Preprints 2023, 2023111147. https://doi.org/10.20944/preprints202311.1147.v1
APA Style
Wang, F. (2023). Enhanced Ransomware Identification via Feature Extraction with Class Feature Weighting. Preprints. https://doi.org/10.20944/preprints202311.1147.v1
Chicago/Turabian Style
Wang, F. 2023 "Enhanced Ransomware Identification via Feature Extraction with Class Feature Weighting" Preprints. https://doi.org/10.20944/preprints202311.1147.v1
Abstract
Ransomware attacks have risen alarmingly, with encryption techniques becoming more complex. This paper introduces a novel detection model tailored for ransomware's distinctive characteristics. The Intel PIN tool extracts Windows API invocation sequences related to file operations. These sequences are used to construct n-grams, forming feature vectors enhanced by a new Class Feature Weighting (CFW) metric to improve malware detection. Preliminary results demonstrate elevated accuracy and precision versus existing methods. The major contributions are: (1) Introducing an innovative deep learning model for few-shot ransomware classification using entropy features and transfer learning. (2) Achieving a high weighted F1-score in classifying ransomware variants into families with limited training data. (3) Demonstrating the potential of entropy-based features to capture intricacies lost in image-based approaches, improving detection of new strains.
Computer Science and Mathematics, Computer Science
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.