Automated Behavior-based Malice Scoring of Ransomware Using Genetic Programming

被引：3

作者：

Abbasi, Muhammad Shabbir ^{[1
,2
]}

Al-Sahaf, Harith ^{[1
]}

Welch, Ian ^{[1
]}

机构：

[1] Victoria Univ Wellington, Sch Engn & Comp Sci, POB 600, Wellington 6140, New Zealand

[2] Univ Agr Faisalabad, Dept Comp Sci, Faisalabad, Punjab, Pakistan

来源：

2021 IEEE SYMPOSIUM SERIES ON COMPUTATIONAL INTELLIGENCE (IEEE SSCI 2021) | 2021年

关键词：

GP; Symbolic regression; ransomware; malice scoring;

D O I：

10.1109/SSCI50451.2021.9660009

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Malice or severity scoring models are a technique for detection of maliciousness. A few ransomware detection studies utilise malice scoring models for detection of ransomware-like behavior. These models rely on the weighted sum of some manually chosen features and their weights by a domain expert. To automate the modelling of malice scoring for ransomware detection, we propose a method based on Genetic Programming (GP) that automatically evolves a behavior-based malice scoring model by selecting appropriate features and functions from the input feature and operator sets. The experimental results show that the best-evolved model correctly assigned a malice score, below the threshold value to over 85% of the unseen goodware instances, and over the threshold value to more than 99% of the unseen ransomware instances.

引用

页数：8

共 24 条

[1] Particle Swarm Optimization: A Wrapper-Based Feature Selection Method for Ransomware Detection and Classification [J].

Abbasi, Muhammad Shabbir ;

Al-Sahaf, Harith ;

Welch, Ian .

APPLICATIONS OF EVOLUTIONARY COMPUTATION, EVOAPPLICATIONS 2020, 2020, 12104 :181-196

[2] Isolation and distinctiveness in the design of e-learning systems influence user preferences [J].

Al-Samarraie, Hosam ;

Selim, Hassan ;

Teo, Timothy ;

Zaqout, Fahed .

INTERACTIVE LEARNING ENVIRONMENTS, 2017, 25 (04) :452-466

[3] Symbolic regression via genetic programming [J].

Augusto, DA ;

Barbosa, HJC .

SIXTH BRAZILIAN SYMPOSIUM ON NEURAL NETWORKS, VOL 1, PROCEEDINGS, 2000, :173-178

[4] Dual-Tree Genetic Programming for Few-Shot Image Classification [J].

Bi, Ying ;

Xue, Bing ;

Zhang, Mengjie .

IEEE TRANSACTIONS ON EVOLUTIONARY COMPUTATION, 2022, 26 (03) :555-569

[5] AIMED: Evolving Malware with Genetic Programming to Evade Detection [J].

Castro, Raphael Labaca ;

Schmitt, Corinna ;

Rodosek, Gabi Dreo .

2019 18TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS/13TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (TRUSTCOM/BIGDATASE 2019), 2019, :240-247

[6]

Chen Q, 2015, IEEE C EVOL COMPUTAT, P1137, DOI 10.1109/CEC.2015.7257017

[7]

Fortin FA, 2012, J MACH LEARN RES, V13, P2171

[8] Statistical genetic programming for symbolic regression [J].