{"id":"https://openalex.org/W2962912862","doi":"https://doi.org/10.1109/access.2019.2931136","title":"Machine Learning Based File Entropy Analysis for Ransomware Detection in Backup Systems","display_name":"Machine Learning Based File Entropy Analysis for Ransomware Detection in Backup Systems","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W2962912862","doi":"https://doi.org/10.1109/access.2019.2931136","mag":"2962912862"},"language":"en","primary_location":{"id":"doi:10.1109/access.2019.2931136","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2931136","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08772046.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08772046.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015067516","display_name":"Kyungroul Lee","orcid":"https://orcid.org/0000-0003-1477-7569"},"institutions":[{"id":"https://openalex.org/I24541011","display_name":"Soonchunhyang University","ror":"https://ror.org/03qjsrb10","country_code":"KR","type":"education","lineage":["https://openalex.org/I24541011"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Kyungroul Lee","raw_affiliation_strings":["R&BD Center for Security and Safety Industries, Soonchunhyang University, Asan, South Korea"],"affiliations":[{"raw_affiliation_string":"R&BD Center for Security and Safety Industries, Soonchunhyang University, Asan, South Korea","institution_ids":["https://openalex.org/I24541011"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100669490","display_name":"Sun\u2010Young Lee","orcid":"https://orcid.org/0000-0002-4686-9436"},"institutions":[{"id":"https://openalex.org/I24541011","display_name":"Soonchunhyang University","ror":"https://ror.org/03qjsrb10","country_code":"KR","type":"education","lineage":["https://openalex.org/I24541011"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sun-Young Lee","raw_affiliation_strings":["Department of Information Security Engineering, Soonchunhyang University, Asan, South Korea"],"affiliations":[{"raw_affiliation_string":"Department of Information Security Engineering, Soonchunhyang University, Asan, South Korea","institution_ids":["https://openalex.org/I24541011"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058090532","display_name":"Kangbin Yim","orcid":"https://orcid.org/0000-0002-1361-1455"},"institutions":[{"id":"https://openalex.org/I24541011","display_name":"Soonchunhyang University","ror":"https://ror.org/03qjsrb10","country_code":"KR","type":"education","lineage":["https://openalex.org/I24541011"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Kangbin Yim","raw_affiliation_strings":["Department of Information Security Engineering, Soonchunhyang University, Asan, South Korea"],"affiliations":[{"raw_affiliation_string":"Department of Information Security Engineering, Soonchunhyang University, Asan, South Korea","institution_ids":["https://openalex.org/I24541011"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5015067516"],"corresponding_institution_ids":["https://openalex.org/I24541011"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":6.6999,"has_fulltext":true,"cited_by_count":119,"citation_normalized_percentile":{"value":0.97497253,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"7","issue":null,"first_page":"110205","last_page":"110215"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9743877649307251},{"id":"https://openalex.org/keywords/backup","display_name":"Backup","score":0.9202326536178589},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8081455826759338},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5483719110488892},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44686123728752136},{"id":"https://openalex.org/keywords/file-system","display_name":"File system","score":0.4455147087574005},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.43034863471984863},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.35463911294937134}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9743877649307251},{"id":"https://openalex.org/C2780945871","wikidata":"https://www.wikidata.org/wiki/Q194274","display_name":"Backup","level":2,"score":0.9202326536178589},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8081455826759338},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5483719110488892},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44686123728752136},{"id":"https://openalex.org/C2780940931","wikidata":"https://www.wikidata.org/wiki/Q174989","display_name":"File system","level":2,"score":0.4455147087574005},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.43034863471984863},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.35463911294937134}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2019.2931136","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2931136","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08772046.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:dbfd053576c24f3aa89ff2e5c3ee3176","is_oa":true,"landing_page_url":"https://doaj.org/article/dbfd053576c24f3aa89ff2e5c3ee3176","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 7, Pp 110205-110215 (2019)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2019.2931136","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2931136","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08772046.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.6899999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G3034753964","display_name":null,"funder_award_id":"grant","funder_id":"https://openalex.org/F4320320671","funder_display_name":"National Research Foundation"},{"id":"https://openalex.org/G342704958","display_name":null,"funder_award_id":"funded","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"},{"id":"https://openalex.org/G3942910960","display_name":null,"funder_award_id":"(NRF) grant","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"},{"id":"https://openalex.org/G4345325301","display_name":null,"funder_award_id":"2018R1A4A1025632","funder_id":"https://openalex.org/F4320321301","funder_display_name":"Soonchunhyang University"},{"id":"https://openalex.org/G7243962406","display_name":null,"funder_award_id":"2018R1A4A1025632","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G7685055460","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G7922358122","display_name":null,"funder_award_id":"2018R1A4A1025632","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320321301","display_name":"Soonchunhyang University","ror":"https://ror.org/03qjsrb10"},{"id":"https://openalex.org/F4320322120","display_name":"National Research Foundation of Korea","ror":"https://ror.org/013aysd81"},{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2962912862.pdf","grobid_xml":"https://content.openalex.org/works/W2962912862.grobid-xml"},"referenced_works_count":44,"referenced_works":["https://openalex.org/W1893133781","https://openalex.org/W1973650920","https://openalex.org/W1994740897","https://openalex.org/W1995027824","https://openalex.org/W2011009207","https://openalex.org/W2050855115","https://openalex.org/W2052684427","https://openalex.org/W2106100548","https://openalex.org/W2117085409","https://openalex.org/W2117646649","https://openalex.org/W2136582936","https://openalex.org/W2138263042","https://openalex.org/W2140564944","https://openalex.org/W2145473366","https://openalex.org/W2239076602","https://openalex.org/W2245015425","https://openalex.org/W2290782568","https://openalex.org/W2324464293","https://openalex.org/W2339514484","https://openalex.org/W2367504390","https://openalex.org/W2461373307","https://openalex.org/W2461651791","https://openalex.org/W2502426438","https://openalex.org/W2524919294","https://openalex.org/W2556247010","https://openalex.org/W2559964890","https://openalex.org/W2566926062","https://openalex.org/W2752032793","https://openalex.org/W2760864453","https://openalex.org/W2762776925","https://openalex.org/W2766662076","https://openalex.org/W2784781042","https://openalex.org/W2841650358","https://openalex.org/W2889134866","https://openalex.org/W2898230711","https://openalex.org/W2900658357","https://openalex.org/W2905713651","https://openalex.org/W2915635916","https://openalex.org/W3015464002","https://openalex.org/W3119651796","https://openalex.org/W3152294918","https://openalex.org/W3206858529","https://openalex.org/W6696644344","https://openalex.org/W7027738607"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2955195711","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W4253977752","https://openalex.org/W2942879794","https://openalex.org/W2964829536","https://openalex.org/W4395116036"],"abstract_inverted_index":{"With":[0],"the":[1,106,109,120,136,158,162,175,180,192,210],"advent":[2],"of":[3,19,135],"big":[4],"data":[5,10,38],"and":[6,21,45,49,70,204],"cloud":[7,94],"services,":[8],"user":[9,28,181],"has":[11,39],"become":[12],"an":[13,128],"important":[14],"issue.":[15],"Although":[16],"a":[17,133,196],"variety":[18],"detection":[20,51,198,212],"prevention":[22],"technologies":[23],"are":[24,58,81,103],"used":[25],"to":[26,43,68,116,131,174],"protect":[27],"data,":[29],"ransomware":[30,62,72,88,102,167],"that":[31,84,170,191],"demands":[32],"money":[33],"in":[34,83],"exchange":[35],"for":[36,89,145],"one's":[37],"emerged.":[40],"In":[41,77,123],"order":[42],"detect":[44,69,87],"prevent":[46,71],"ransomware,":[47],"file-":[48],"behavior-based":[50],"methods":[52,80],"have":[53,171],"been":[54,172],"investigated.":[55],"Nevertheless,":[56],"we":[57,126],"still":[59],"facing":[60],"from":[61,161],"threats,":[63],"as":[64,93],"it":[65],"is":[66,143,183],"difficult":[67],"containing":[73],"unknown":[74],"malicious":[75],"codes.":[76],"particular,":[78],"these":[79],"limited":[82],"they":[85],"cannot":[86],"backup":[90,107,163,176],"systems":[91],"such":[92],"services.":[95],"For":[96],"instance,":[97],"if":[98,179],"files":[99,111,148,169],"infected":[100,110,147,168,184],"with":[101,105,200,209],"synchronized":[104,173],"systems,":[108],"will":[112],"not":[113],"be":[114,117],"able":[115],"restored":[118],"through":[119],"backed-up":[121],"files.":[122],"this":[124],"paper,":[125],"utilize":[127],"entropy":[129,151],"technique":[130],"measure":[132],"characteristic":[134],"encrypted":[137],"file":[138,150,160],"(i.e.,":[139],"uniformity).":[140],"Machine":[141],"learning":[142],"applied":[144],"classifying":[146],"based":[149],"analysis.":[152],"The":[153],"proposed":[154,193],"method":[155,194],"can":[156],"recover":[157],"original":[159],"system":[164,182],"by":[165,185],"detecting":[166],"system,":[177],"even":[178],"ransomware.":[186],"Conducted":[187],"analysis":[188],"results":[189],"confirm":[190],"provides":[195],"high":[197],"rate":[199],"low":[201],"false":[202,205],"positive":[203],"negative":[206],"rates":[207],"compared":[208],"existing":[211],"methods.":[213]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":23},{"year":2024,"cited_by_count":24},{"year":2023,"cited_by_count":29},{"year":2022,"cited_by_count":16},{"year":2021,"cited_by_count":14},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":1}],"updated_date":"2026-03-16T09:10:04.655348","created_date":"2025-10-10T00:00:00"}