Welcome to the resource topic for 2022/014
Title:
Transformer encoder-based Crypto-Ransomware Detection for Low-Power Embedded Processors
Authors: Hyunji Kim, Sejin Lim, Yeajun Kang, Wonwoong Kim, Hwajeong Seo
Abstract:Crypto-ransomware has a process to encrypt the victim’s files, and crypto-ransomware requests the victim for money for a key to decrypt the encrypted file. In this paper, we present new approaches to prevent crypto-ransomware by detecting block cipher algorithms for Internet of Things (IoT) platforms. The generic software of the AVR package and the lightweight block cipher library (FELICS) written in C language was trained through the neural network, and then we evaluated the result. Unlike the previous technique, the proposed method does not extract sequence and frequency characteristics, but considers opcodes and opcode sequences as words and sentences, performs word embedding, and then inputs them to the neural network based on the encoder structure of the transformer model. Through this approach, the file size was reduced by 0.5 times while maintaining a similar level of classification performance compared to the previous method. The detection success rate for the proposed method was evaluated with the F-measured value, which is the harmonic mean of precision and recall. In addition to achieving 98% crypto-ransomware detection success rates, classification by benign firmware and lightweight cryptography algorithm, Substitution-Permutation-Network (SPN) structure, Addition-Rotation-eXclusive-or structure (ARX) and normal firmware classification are also possible.
ePrint: https://eprint.iacr.org/2022/014
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .