Universiti Teknologi Malaysia Institutional Repository

Multi-classification of imbalance worm ransomware in the IoMT system

Hameed, Shilan S. and Selamat, Ali and Abdul Latiff, Liza and A. Razak, Shukor and Krejcar, Ondrej (2022) Multi-classification of imbalance worm ransomware in the IoMT system. In: New Trends in Intelligent Software Methodologies, Tools and Techniques. Frontiers in Artificial Intelligence and Applications, 355 (NA). IOS Press BV, Amsterdam, Noord-Holland Netherlands, pp. 531-541. ISBN 978-164368316-4

Full text not available from this repository.

Official URL: http://dx.doi.org/10.3233/FAIA220282

Abstract

Worm-like ransomware strains spread quickly to critical systems such as IoMT without human interaction. Therefore, detecting different worm-like ransomware attacks during their spread is vital. Nevertheless, the low detection rate due to the imbalanced ransomware data and the detection systems' disability for multiclass simultaneous detection are two apparent problems. In this work, we proposed a new approach for multi-classifying ransomware using preprocessing, resampling, and different classifiers. The proposed system uses network traffic NetFlow data, which is privacy-friendly and not heavy. In the first phase, preprocessing techniques were used on the collected and aggregated ransomware traffic, and then an optimized Synthetic Minority Oversampling Technique (SMOTE) was used for resampling the low-class samples. After that, four classifiers were applied, namely, Bayes Net, Hoeffding Tree, K-Nearest Neighbor, and a lightweight Multi-Layered Perceptron (MLP). The experimental results showed that the efficient preprocessing ensured accurate and simultaneous ransomware detection while the resampling technique improved the detection rate, F1, and PRC curve.

Item Type:Book Section
Uncontrolled Keywords:Imbalance data, IoMT, Multi-classification, Self-propagating ransomware, SMOTE
Subjects:Q Science > QA Mathematics > QA76 Computer software
Divisions:Malaysia-Japan International Institute of Technology
ID Code:100555
Deposited By: Widya Wahid
Deposited On:17 Apr 2023 06:53
Last Modified:17 Apr 2023 06:53

Repository Staff Only: item control page