The Recent Trends in Ransomware Detection and Behaviour Analysis

Busra Caliskan; Ibrahim Gulatas; H. Hakan Kilinc; A. Halim Zaim

doi:10.1109/SIN63213.2024.10871663

The Recent Trends in Ransomware Detection and Behaviour Analysis

Busra Caliskan, Ibrahim Gulatas, H. Hakan Kilinc, A. Halim Zaim

Department of Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Ransomware attacks, with their evolving tactics and devastating impacts, have become one of the most critical threats in cybersecurity. This study provides a comprehensive analysis of recent advancements in ransomware detection and behavior analysis, focusing on trends from the last two years. Through an in-depth behavioral analysis of 14 ransomware families, the research highlights common infection vectors, encryption strategies, and malicious activities. Moreover, a comparative evaluation of publicly available and proprietary datasets reveals the challenges in training robust machine learning models. By analyzing 12 state-of-the-art detection methodologies, this research highlights the superiority of Random Forest-based models and the critical role of dynamic analysis techniques like API calls in early-stage detection. This research reveals a pressing need for real-time detection systems and localized solutions to prevent mass data encryption. This research aims to bring light to the ransomware research community, by addressing gaps in current methodologies and proposing future directions against the growing ransomware menace effectively.

Original language	English
Title of host publication	2024 17th International Conference on Security of Information and Networks, SIN 2024
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798331509736
DOIs	https://doi.org/10.1109/SIN63213.2024.10871663
Publication status	Published - 2024
Event	17th International Conference on Security of Information and Networks, SIN 2024 - Sydney, Australia Duration: 2 Dec 2024 → 4 Dec 2024

Publication series

Name	2024 17th International Conference on Security of Information and Networks, SIN 2024

Conference

Conference	17th International Conference on Security of Information and Networks, SIN 2024
Country/Territory	Australia
City	Sydney
Period	2/12/24 → 4/12/24

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Keywords

Behavioral Analysis
Malware
Ransomware
Ransomware Detection

Access to Document

10.1109/SIN63213.2024.10871663

Cite this

Caliskan, B., Gulatas, I., Kilinc, H. H., & Zaim, A. H. (2024). The Recent Trends in Ransomware Detection and Behaviour Analysis. In 2024 17th International Conference on Security of Information and Networks, SIN 2024 (2024 17th International Conference on Security of Information and Networks, SIN 2024). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SIN63213.2024.10871663

@inproceedings{a345ade3745e42039772b5277295a614,

title = "The Recent Trends in Ransomware Detection and Behaviour Analysis",

abstract = "Ransomware attacks, with their evolving tactics and devastating impacts, have become one of the most critical threats in cybersecurity. This study provides a comprehensive analysis of recent advancements in ransomware detection and behavior analysis, focusing on trends from the last two years. Through an in-depth behavioral analysis of 14 ransomware families, the research highlights common infection vectors, encryption strategies, and malicious activities. Moreover, a comparative evaluation of publicly available and proprietary datasets reveals the challenges in training robust machine learning models. By analyzing 12 state-of-the-art detection methodologies, this research highlights the superiority of Random Forest-based models and the critical role of dynamic analysis techniques like API calls in early-stage detection. This research reveals a pressing need for real-time detection systems and localized solutions to prevent mass data encryption. This research aims to bring light to the ransomware research community, by addressing gaps in current methodologies and proposing future directions against the growing ransomware menace effectively.",

keywords = "Behavioral Analysis, Malware, Ransomware, Ransomware Detection",

author = "Busra Caliskan and Ibrahim Gulatas and Kilinc, {H. Hakan} and Zaim, {A. Halim}",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 17th International Conference on Security of Information and Networks, SIN 2024 ; Conference date: 02-12-2024 Through 04-12-2024",

year = "2024",

doi = "10.1109/SIN63213.2024.10871663",

language = "English",

series = "2024 17th International Conference on Security of Information and Networks, SIN 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2024 17th International Conference on Security of Information and Networks, SIN 2024",

address = "United States",

}

Caliskan, B, Gulatas, I, Kilinc, HH & Zaim, AH 2024, The Recent Trends in Ransomware Detection and Behaviour Analysis. in 2024 17th International Conference on Security of Information and Networks, SIN 2024. 2024 17th International Conference on Security of Information and Networks, SIN 2024, Institute of Electrical and Electronics Engineers Inc., 17th International Conference on Security of Information and Networks, SIN 2024, Sydney, Australia, 2/12/24. https://doi.org/10.1109/SIN63213.2024.10871663

The Recent Trends in Ransomware Detection and Behaviour Analysis. / Caliskan, Busra; Gulatas, Ibrahim; Kilinc, H. Hakan et al.
2024 17th International Conference on Security of Information and Networks, SIN 2024. Institute of Electrical and Electronics Engineers Inc., 2024. (2024 17th International Conference on Security of Information and Networks, SIN 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - The Recent Trends in Ransomware Detection and Behaviour Analysis

AU - Caliskan, Busra

AU - Gulatas, Ibrahim

AU - Kilinc, H. Hakan

AU - Zaim, A. Halim

PY - 2024

Y1 - 2024

N2 - Ransomware attacks, with their evolving tactics and devastating impacts, have become one of the most critical threats in cybersecurity. This study provides a comprehensive analysis of recent advancements in ransomware detection and behavior analysis, focusing on trends from the last two years. Through an in-depth behavioral analysis of 14 ransomware families, the research highlights common infection vectors, encryption strategies, and malicious activities. Moreover, a comparative evaluation of publicly available and proprietary datasets reveals the challenges in training robust machine learning models. By analyzing 12 state-of-the-art detection methodologies, this research highlights the superiority of Random Forest-based models and the critical role of dynamic analysis techniques like API calls in early-stage detection. This research reveals a pressing need for real-time detection systems and localized solutions to prevent mass data encryption. This research aims to bring light to the ransomware research community, by addressing gaps in current methodologies and proposing future directions against the growing ransomware menace effectively.

AB - Ransomware attacks, with their evolving tactics and devastating impacts, have become one of the most critical threats in cybersecurity. This study provides a comprehensive analysis of recent advancements in ransomware detection and behavior analysis, focusing on trends from the last two years. Through an in-depth behavioral analysis of 14 ransomware families, the research highlights common infection vectors, encryption strategies, and malicious activities. Moreover, a comparative evaluation of publicly available and proprietary datasets reveals the challenges in training robust machine learning models. By analyzing 12 state-of-the-art detection methodologies, this research highlights the superiority of Random Forest-based models and the critical role of dynamic analysis techniques like API calls in early-stage detection. This research reveals a pressing need for real-time detection systems and localized solutions to prevent mass data encryption. This research aims to bring light to the ransomware research community, by addressing gaps in current methodologies and proposing future directions against the growing ransomware menace effectively.

KW - Behavioral Analysis

KW - Malware

KW - Ransomware

KW - Ransomware Detection

UR - http://www.scopus.com/inward/record.url?scp=86000021293&partnerID=8YFLogxK

U2 - 10.1109/SIN63213.2024.10871663

DO - 10.1109/SIN63213.2024.10871663

M3 - Conference contribution

AN - SCOPUS:86000021293

T3 - 2024 17th International Conference on Security of Information and Networks, SIN 2024

BT - 2024 17th International Conference on Security of Information and Networks, SIN 2024

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 17th International Conference on Security of Information and Networks, SIN 2024

Y2 - 2 December 2024 through 4 December 2024

ER -

Caliskan B, Gulatas I, Kilinc HH, Zaim AH. The Recent Trends in Ransomware Detection and Behaviour Analysis. In 2024 17th International Conference on Security of Information and Networks, SIN 2024. Institute of Electrical and Electronics Engineers Inc. 2024. (2024 17th International Conference on Security of Information and Networks, SIN 2024). doi: 10.1109/SIN63213.2024.10871663

The Recent Trends in Ransomware Detection and Behaviour Analysis

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this