{"id":"https://openalex.org/W6903315026","doi":"https://doi.org/10.1093/cybsec/tyaf009","title":"Not on my watch: ransomware detection through classification of high-entropy file segments","display_name":"Not on my watch: ransomware detection through classification of high-entropy file segments","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W6903315026","doi":"https://doi.org/10.1093/cybsec/tyaf009"},"language":"en","primary_location":{"id":"doi:10.1093/cybsec/tyaf009","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf009","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1093/cybsec/tyaf009","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Fran Casino","orcid":"https://orcid.org/0000-0003-4296-2876"},"institutions":[{"id":"https://openalex.org/I4210156054","display_name":"Athena Research and Innovation Center In Information Communication & Knowledge Technologies","ror":"https://ror.org/0576by029","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210156054"]},{"id":"https://openalex.org/I55952717","display_name":"Universitat Rovira i Virgili","ror":"https://ror.org/00g5sqv46","country_code":"ES","type":"education","lineage":["https://openalex.org/I55952717"]}],"countries":["ES","GR"],"is_corresponding":true,"raw_author_name":"Fran Casino","raw_affiliation_strings":["Department of Computer Engineering and Mathematics, Universitat Rovira i Virgili , Avinguda dels Pa\u00efsos Catalans, 26, 43007, Tarragona ,","Information Management Systems Institute, Athena Research Centre , Artemidos 6, Marousi 15125 ,"],"raw_orcid":"https://orcid.org/0000-0003-4296-2876","affiliations":[{"raw_affiliation_string":"Department of Computer Engineering and Mathematics, Universitat Rovira i Virgili , Avinguda dels Pa\u00efsos Catalans, 26, 43007, Tarragona ,","institution_ids":["https://openalex.org/I55952717"]},{"raw_affiliation_string":"Information Management Systems Institute, Athena Research Centre , Artemidos 6, Marousi 15125 ,","institution_ids":["https://openalex.org/I4210156054"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Darren Hurley-Smith","orcid":null},"institutions":[{"id":"https://openalex.org/I20581793","display_name":"University of Kent","ror":"https://ror.org/00xkeyj56","country_code":"GB","type":"education","lineage":["https://openalex.org/I20581793"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Darren Hurley-Smith","raw_affiliation_strings":["University of Kent , Giles Ln, Canterbury CT2 7NZ ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Kent , Giles Ln, Canterbury CT2 7NZ ,","institution_ids":["https://openalex.org/I20581793"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Julio Hernandez-Castro","orcid":null},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Julio Hernandez-Castro","raw_affiliation_strings":["Universidad Polit\u00e9cnica de Madrid , Alan Turing, s/n, 28031 Madrid ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Universidad Polit\u00e9cnica de Madrid , Alan Turing, s/n, 28031 Madrid ,","institution_ids":["https://openalex.org/I88060688"]}]},{"author_position":"last","author":{"id":null,"display_name":"Constantinos Patsakis","orcid":null},"institutions":[{"id":"https://openalex.org/I154757721","display_name":"University of Piraeus","ror":"https://ror.org/02qs84g94","country_code":"GR","type":"education","lineage":["https://openalex.org/I154757721"]},{"id":"https://openalex.org/I4210156054","display_name":"Athena Research and Innovation Center In Information Communication & Knowledge Technologies","ror":"https://ror.org/0576by029","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210156054"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Constantinos Patsakis","raw_affiliation_strings":["Department of Informatics, University of Piraeus , 80 Karaoli & Dimitriou str., 18534 Piraeus ,","Information Management Systems Institute, Athena Research Centre , Artemidos 6, Marousi 15125 ,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Informatics, University of Piraeus , 80 Karaoli & Dimitriou str., 18534 Piraeus ,","institution_ids":["https://openalex.org/I154757721"]},{"raw_affiliation_string":"Information Management Systems Institute, Athena Research Centre , Artemidos 6, Marousi 15125 ,","institution_ids":["https://openalex.org/I4210156054"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4210156054","https://openalex.org/I55952717"],"apc_list":{"value":1864,"currency":"USD","value_usd":1864},"apc_paid":{"value":1864,"currency":"USD","value_usd":1864},"fwci":4.7349,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.95501625,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":"11","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":true,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9648000001907349,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9648000001907349,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.01889999955892563,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.0066999997943639755,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.8562999963760376},{"id":"https://openalex.org/keywords/file-system","display_name":"File system","score":0.5249000191688538},{"id":"https://openalex.org/keywords/adaptability","display_name":"Adaptability","score":0.5006999969482422},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4909000098705292},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.4717999994754791},{"id":"https://openalex.org/keywords/digitization","display_name":"Digitization","score":0.4627000093460083},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.460099995136261},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.3831999897956848},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.3490999937057495},{"id":"https://openalex.org/keywords/sword","display_name":"SWORD","score":0.33469998836517334}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.8562999963760376},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7541000247001648},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6216999888420105},{"id":"https://openalex.org/C2780940931","wikidata":"https://www.wikidata.org/wiki/Q174989","display_name":"File system","level":2,"score":0.5249000191688538},{"id":"https://openalex.org/C177606310","wikidata":"https://www.wikidata.org/wiki/Q5674297","display_name":"Adaptability","level":2,"score":0.5006999969482422},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4909000098705292},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.4717999994754791},{"id":"https://openalex.org/C2779308522","wikidata":"https://www.wikidata.org/wiki/Q843958","display_name":"Digitization","level":2,"score":0.4627000093460083},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.460099995136261},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.3831999897956848},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.3490999937057495},{"id":"https://openalex.org/C2781424646","wikidata":"https://www.wikidata.org/wiki/Q7395200","display_name":"SWORD","level":2,"score":0.33469998836517334},{"id":"https://openalex.org/C40523978","wikidata":"https://www.wikidata.org/wiki/Q14675","display_name":"Fork (system call)","level":2,"score":0.3203999996185303},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.3181000053882599},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.31360000371932983},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.2980000078678131},{"id":"https://openalex.org/C89198739","wikidata":"https://www.wikidata.org/wiki/Q3079880","display_name":"Data stream mining","level":2,"score":0.2867000102996826},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.2822999954223633},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.27900001406669617},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2689000070095062},{"id":"https://openalex.org/C112789634","wikidata":"https://www.wikidata.org/wiki/Q18207010","display_name":"False positives and false negatives","level":3,"score":0.25940001010894775},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.2587999999523163},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.2565999925136566},{"id":"https://openalex.org/C150817343","wikidata":"https://www.wikidata.org/wiki/Q875932","display_name":"Digital watermarking","level":3,"score":0.25200000405311584},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.2493000030517578},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.23409999907016754},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.23330000042915344},{"id":"https://openalex.org/C108801101","wikidata":"https://www.wikidata.org/wiki/Q15032","display_name":"Steganography","level":3,"score":0.2321999967098236},{"id":"https://openalex.org/C2778012447","wikidata":"https://www.wikidata.org/wiki/Q1034415","display_name":"Scope (computer science)","level":2,"score":0.22619999945163727},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.22339999675750732},{"id":"https://openalex.org/C529754248","wikidata":"https://www.wikidata.org/wiki/Q1054772","display_name":"Data recovery","level":2,"score":0.2175000011920929},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.21619999408721924},{"id":"https://openalex.org/C97250363","wikidata":"https://www.wikidata.org/wiki/Q235557","display_name":"File format","level":2,"score":0.2142000049352646},{"id":"https://openalex.org/C148043351","wikidata":"https://www.wikidata.org/wiki/Q4456944","display_name":"Current (fluid)","level":2,"score":0.21369999647140503},{"id":"https://openalex.org/C556601545","wikidata":"https://www.wikidata.org/wiki/Q878553","display_name":"Computer forensics","level":3,"score":0.20409999787807465},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.1826000064611435},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.18209999799728394},{"id":"https://openalex.org/C3018574109","wikidata":"https://www.wikidata.org/wiki/Q329338","display_name":"State of art","level":2,"score":0.1817999929189682},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.18140000104904175},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.18129999935626984}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1093/cybsec/tyaf009","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf009","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:kar.kent.ac.uk:110567","is_oa":false,"landing_page_url":"https://doi.org/10.1093/cybsec%2Ftyaf009>)","pdf_url":null,"source":{"id":"https://openalex.org/S4377196264","display_name":"Kent Academic Repository (University of Kent)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I20581793","host_organization_name":"University of Kent","host_organization_lineage":["https://openalex.org/I20581793"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"PeerReviewed"}],"best_oa_location":{"id":"doi:10.1093/cybsec/tyaf009","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf009","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.6434152722358704}],"awards":[{"id":"https://openalex.org/G2065967292","display_name":null,"funder_award_id":"101168562","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"},{"id":"https://openalex.org/G2352982920","display_name":null,"funder_award_id":"PID2021-127409OB-C33","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G294886955","display_name":null,"funder_award_id":"PID2021-127409OB-C33","funder_id":"https://openalex.org/F4320315062","funder_display_name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades"},{"id":"https://openalex.org/G3293115889","display_name":null,"funder_award_id":"101070303","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"},{"id":"https://openalex.org/G3771002347","display_name":null,"funder_award_id":"101168562","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G3812283928","display_name":null,"funder_award_id":"PID2021-127409OB-C33 CONDOR","funder_id":"https://openalex.org/F4320315062","funder_display_name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades"},{"id":"https://openalex.org/G4674161361","display_name":null,"funder_award_id":"CA 19121","funder_id":"https://openalex.org/F4320320366","funder_display_name":"European Cooperation in Science and Technology"},{"id":"https://openalex.org/G4699736089","display_name":null,"funder_award_id":"101084929","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5242316204","display_name":null,"funder_award_id":"101070303","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G6771914938","display_name":null,"funder_award_id":"2021SGR-00111","funder_id":"https://openalex.org/F4320334830","funder_display_name":"Ag\u00e8ncia de Gesti\u00f3 d'Ajuts Universitaris i de Recerca"},{"id":"https://openalex.org/G6873517866","display_name":null,"funder_award_id":"CA 19121","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G7086834238","display_name":null,"funder_award_id":"101084929","funder_id":"https://openalex.org/F4320335254","funder_display_name":"Horizon 2020"},{"id":"https://openalex.org/G755846225","display_name":null,"funder_award_id":"2021SGR-00111","funder_id":"https://openalex.org/F4320315062","funder_display_name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades"},{"id":"https://openalex.org/G956478599","display_name":null,"funder_award_id":"RYC2023-044857-I","funder_id":"https://openalex.org/F4320322930","funder_display_name":"Ministerio de Ciencia e Innovaci\u00f3n"}],"funders":[{"id":"https://openalex.org/F4320315062","display_name":"Ministerio de Ciencia, Innovaci\u00f3n y Universidades","ror":null},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320320366","display_name":"European Cooperation in Science and Technology","ror":"https://ror.org/01bstzn19"},{"id":"https://openalex.org/F4320322930","display_name":"Ministerio de Ciencia e Innovaci\u00f3n","ror":"https://ror.org/034900433"},{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null},{"id":"https://openalex.org/F4320334830","display_name":"Ag\u00e8ncia de Gesti\u00f3 d'Ajuts Universitaris i de Recerca","ror":"https://ror.org/01n4pqe45"},{"id":"https://openalex.org/F4320335254","display_name":"Horizon 2020","ror":null},{"id":"https://openalex.org/F4320335322","display_name":"European Regional Development Fund","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320335598","display_name":"Agencia Estatal de Investigaci\u00f3n","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W1963898916","https://openalex.org/W1993220166","https://openalex.org/W2000163531","https://openalex.org/W2017840895","https://openalex.org/W2109394932","https://openalex.org/W2114771311","https://openalex.org/W2130778370","https://openalex.org/W2152125195","https://openalex.org/W2168745915","https://openalex.org/W2601591992","https://openalex.org/W2775261393","https://openalex.org/W2792599578","https://openalex.org/W2807312247","https://openalex.org/W2896604238","https://openalex.org/W2953225812","https://openalex.org/W2962912862","https://openalex.org/W2988961468","https://openalex.org/W2993999308","https://openalex.org/W3006165800","https://openalex.org/W3046933378","https://openalex.org/W3093612846","https://openalex.org/W3128652290","https://openalex.org/W3149815788","https://openalex.org/W3162887786","https://openalex.org/W3191936624","https://openalex.org/W3194201954","https://openalex.org/W3214926740","https://openalex.org/W3216660278","https://openalex.org/W4213423307","https://openalex.org/W4226333895","https://openalex.org/W4281295043","https://openalex.org/W4292411761","https://openalex.org/W4296982335","https://openalex.org/W4301260464","https://openalex.org/W4301420317","https://openalex.org/W4307134482","https://openalex.org/W4307570965","https://openalex.org/W4312241727","https://openalex.org/W4312427681","https://openalex.org/W4380320058","https://openalex.org/W4388686503","https://openalex.org/W6639102338","https://openalex.org/W6712619215","https://openalex.org/W6728047685","https://openalex.org/W6746065519","https://openalex.org/W6750764817","https://openalex.org/W6775997276","https://openalex.org/W6802691435","https://openalex.org/W6863946278","https://openalex.org/W6867085678"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"The":[1],"double-edged":[2],"sword":[3],"of":[4,7,17,120],"continuous":[5],"digitization":[6],"services":[8],"and":[9,44,58,126,137],"systems":[10],"opens":[11],"the":[12,30,99,113,117,121],"door":[13],"to":[14,36,55,71,91,130],"a":[15,47,88],"myriad":[16],"beneficial":[18],"opportunities,":[19],"as":[20,22,29,46],"well":[21],"challenging":[23],"threats.":[24],"Currently,":[25],"ransomware":[26,60],"is":[27,61,87],"catalogued":[28],"first":[31],"threat":[32],"in":[33,102,123],"cybersecurity":[34],"due":[35],"its":[37],"impact":[38],"on":[39,98],"organizations,":[40],"critical":[41,89],"infrastructure,":[42],"industry,":[43],"society":[45],"whole.":[48],"Thus,":[49],"devoting":[50],"efforts":[51],"toward":[52],"developing":[53],"methodologies":[54],"effectively":[56],"prevent":[57],"mitigate":[59],"crucial.":[62],"In":[63],"this":[64],"article,":[65],"we":[66],"present":[67],"an":[68],"accurate":[69],"method":[70],"identify":[72],"encrypted":[73],"bit":[74],"streams":[75,82],"by":[76],"differentiating":[77],"them":[78],"from":[79],"other":[80],"high-entropy":[81],"(e.g.":[83],"compressed":[84],"files),":[85],"which":[86],"task":[90],"detect":[92],"potentially":[93],"malicious":[94],"file":[95,100],"write":[96],"events":[97],"system":[101],"current":[103,118,134],"operating":[104],"systems.":[105,139],"After":[106],"extensive":[107],"evaluation,":[108],"our":[109],"findings":[110],"demonstrate":[111],"that":[112],"proposed":[114],"solution":[115],"outperforms":[116],"state":[119],"art":[122],"both":[124],"adaptability":[125],"accuracy,":[127],"enabling":[128],"it":[129],"be":[131],"integrated":[132],"into":[133],"Endpoint":[135],"Detection":[136],"Response":[138]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":1}],"updated_date":"2026-05-14T08:36:36.166977","created_date":"2025-10-10T00:00:00"}