Dissertação

Classificação de ransomware utilizando MLP, redução de dimensionalidade e balanceamento de classes

Ransomware is a type of malware that prevents or limits user access to system and files until aransom is paid. Combating this threat is difficult due to its rapid spread and constant changes in the encryption techniques used. Machine learning algorithms such as Artificial Neural Networks have been t...

ver descrição completa

Autor principal: PEREIRA, George Tassiano Melo
Grau: Dissertação
Idioma: por
Publicado em: Universidade Federal do Pará 2024
Assuntos:
Acesso em linha: https://repositorio.ufpa.br/jspui/handle/2011/16641
Resumo:
Ransomware is a type of malware that prevents or limits user access to system and files until aransom is paid. Combating this threat is difficult due to its rapid spread and constant changes in the encryption techniques used. Machine learning algorithms such as Artificial Neural Networks have been touted as promising tools in classifying ransomware because they can learn to identify complex patterns and features in large amounts of data. This allows neural networks be trained on sample examples of malicious software, including ransomware, and then be able to classify new examples with high accuracy. Furthermore, neural networks are also capable of learning and adapting to changes in malware behavior, making them effective tools for detecting new types of ransomware. In this work, three types of ransomware classification by ANN are explored within a composite pipeline with dimensionality reduction by Kernel PCA and class balancing with the random oversampling approach. The MLP (Multi-layer Perceptron) reached an average of 98% accuracy in the binary classification and 85% accuracy in the goodware family classification, where such values surpass the previous results and thus demonstrate the effectiveness of the inclusion of the class balancing in improving the ransomware detection model.