{"id":"https://openalex.org/W4402769726","doi":"https://doi.org/10.1109/access.2024.3461322","title":"MIRAD: A Method for Interpretable Ransomware Attack Detection","display_name":"MIRAD: A Method for Interpretable Ransomware Attack Detection","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4402769726","doi":"https://doi.org/10.1109/access.2024.3461322"},"language":"en","primary_location":{"id":"doi:10.1109/access.2024.3461322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3461322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2024.3461322","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103015863","display_name":"Bartosz Marcinkowski","orcid":"https://orcid.org/0009-0000-2156-1833"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Bartosz Marcinkowski","raw_affiliation_strings":["MIM Solutions, Warsaw, Poland","MIM Solutions, Bitwy Warszawskiej 1920 r. 7B, Warsaw, Poland"],"affiliations":[{"raw_affiliation_string":"MIM Solutions, Warsaw, Poland","institution_ids":[]},{"raw_affiliation_string":"MIM Solutions, Bitwy Warszawskiej 1920 r. 7B, Warsaw, Poland","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010367778","display_name":"Maja Goschorska","orcid":"https://orcid.org/0000-0002-7330-9506"},"institutions":[{"id":"https://openalex.org/I57150801","display_name":"Sasol (Germany)","ror":"https://ror.org/04k59vn11","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210117808","https://openalex.org/I57150801"]},{"id":"https://openalex.org/I912024754","display_name":"Sage (United Kingdom)","ror":"https://ror.org/01xhv6h58","country_code":"GB","type":"company","lineage":["https://openalex.org/I912024754"]}],"countries":["DE","GB"],"is_corresponding":false,"raw_author_name":"Maja Goschorska","raw_affiliation_strings":["Sagenso, Rzeszów, Poland","Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland"],"affiliations":[{"raw_affiliation_string":"Sagenso, Rzeszów, Poland","institution_ids":["https://openalex.org/I57150801"]},{"raw_affiliation_string":"Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland","institution_ids":["https://openalex.org/I912024754"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093842788","display_name":"Natalia Wile\u0144ska","orcid":"https://orcid.org/0000-0003-4926-638X"},"institutions":[{"id":"https://openalex.org/I57150801","display_name":"Sasol (Germany)","ror":"https://ror.org/04k59vn11","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210117808","https://openalex.org/I57150801"]},{"id":"https://openalex.org/I912024754","display_name":"Sage (United Kingdom)","ror":"https://ror.org/01xhv6h58","country_code":"GB","type":"company","lineage":["https://openalex.org/I912024754"]}],"countries":["DE","GB"],"is_corresponding":false,"raw_author_name":"Natalia Wile\u0144ska","raw_affiliation_strings":["Sagenso, Rzeszów, Poland","Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland"],"affiliations":[{"raw_affiliation_string":"Sagenso, Rzeszów, Poland","institution_ids":["https://openalex.org/I57150801"]},{"raw_affiliation_string":"Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland","institution_ids":["https://openalex.org/I912024754"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089109991","display_name":"Jakub Siuta","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jakub Siuta","raw_affiliation_strings":["MIM Solutions, Warsaw, Poland","MIM Solutions, Bitwy Warszawskiej 1920 r. 7B, Warsaw, Poland"],"affiliations":[{"raw_affiliation_string":"MIM Solutions, Warsaw, Poland","institution_ids":[]},{"raw_affiliation_string":"MIM Solutions, Bitwy Warszawskiej 1920 r. 7B, Warsaw, Poland","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050914099","display_name":"Tomasz Kajdanowicz","orcid":"https://orcid.org/0000-0002-8417-1012"},"institutions":[{"id":"https://openalex.org/I57150801","display_name":"Sasol (Germany)","ror":"https://ror.org/04k59vn11","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210117808","https://openalex.org/I57150801"]},{"id":"https://openalex.org/I912024754","display_name":"Sage (United Kingdom)","ror":"https://ror.org/01xhv6h58","country_code":"GB","type":"company","lineage":["https://openalex.org/I912024754"]}],"countries":["DE","GB"],"is_corresponding":false,"raw_author_name":"Tomasz Kajdanowicz","raw_affiliation_strings":["Sagenso, Rzeszów, Poland","Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland"],"affiliations":[{"raw_affiliation_string":"Sagenso, Rzeszów, Poland","institution_ids":["https://openalex.org/I57150801"]},{"raw_affiliation_string":"Sagenso, Pl. Jana Kilińskiego 2, Rzeszów, Poland","institution_ids":["https://openalex.org/I912024754"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5103015863"],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":1.4017,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.81956602,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"12","issue":null,"first_page":"133810","last_page":"133820"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.964900016784668,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.8976346850395203},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6911873817443848},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5193194150924683},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.42687633633613586},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3306347727775574}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.8976346850395203},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6911873817443848},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5193194150924683},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.42687633633613586},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3306347727775574}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2024.3461322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3461322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f41d18b7787043318be3c7be1f8778ab","is_oa":true,"landing_page_url":"https://doaj.org/article/f41d18b7787043318be3c7be1f8778ab","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 12, Pp 133810-133820 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2024.3461322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3461322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8857799923","display_name":null,"funder_award_id":"POIR.01.01.01-00-0228/22","funder_id":"https://openalex.org/F4320335039","funder_display_name":"Narodowe Centrum Bada\u0144 i Rozwoju"}],"funders":[{"id":"https://openalex.org/F4320335039","display_name":"Narodowe Centrum Bada\u0144 i Rozwoju","ror":"https://ror.org/05pwfyy15"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W1996796871","https://openalex.org/W2046945713","https://openalex.org/W2602517145","https://openalex.org/W2756675797","https://openalex.org/W2766662076","https://openalex.org/W2773511604","https://openalex.org/W2785743295","https://openalex.org/W2794482868","https://openalex.org/W2887954984","https://openalex.org/W2890196927","https://openalex.org/W2938888905","https://openalex.org/W2953056235","https://openalex.org/W2954539634","https://openalex.org/W2988809393","https://openalex.org/W2989588798","https://openalex.org/W3000953536","https://openalex.org/W3010934630","https://openalex.org/W3017051667","https://openalex.org/W3034402928","https://openalex.org/W3039822732","https://openalex.org/W3040422908","https://openalex.org/W3091011807","https://openalex.org/W3091730061","https://openalex.org/W3092353577","https://openalex.org/W3197120839","https://openalex.org/W3201224956","https://openalex.org/W4200030734","https://openalex.org/W4200055159","https://openalex.org/W4214871620","https://openalex.org/W4295854586","https://openalex.org/W4313325293","https://openalex.org/W4316690373","https://openalex.org/W4366447842","https://openalex.org/W4387097414","https://openalex.org/W4388141203","https://openalex.org/W4391333914","https://openalex.org/W4398199982","https://openalex.org/W6729193369","https://openalex.org/W6767857164","https://openalex.org/W6803373630"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W4253977752","https://openalex.org/W3120595989","https://openalex.org/W2962911305","https://openalex.org/W4224941017"],"abstract_inverted_index":{"In":[0,75],"the":[1,56,63],"face":[2],"of":[3,32,67,132],"escalating":[4],"crypto-ransomware":[5],"attacks,":[6],"we":[7],"introduce":[8],"MIRAD,":[9],"a":[10,82,89,109,115,126,135],"novel":[11],"dynamic":[12,119],"detection":[13,64,140],"method.":[14],"MIRAD":[15,40,107,133],"leverages":[16],"machine":[17],"learning":[18],"to":[19,55],"continuously":[20],"monitor":[21],"API":[22],"calls":[23],"and":[24,61,65,69,103,134,145],"registry":[25],"entries,":[26],"detecting":[27],"ransomware":[28,120,139,148],"at":[29],"all":[30],"stages":[31],"infection":[33],"while":[34],"maintaining":[35],"system":[36],"performance.":[37],"What":[38],"sets":[39],"apart":[41],"is":[42],"its":[43],"strong":[44],"focus":[45],"on":[46,78],"interpretability.":[47],"This":[48],"feature":[49],"allows":[50],"for":[51,129],"quick,":[52],"informed":[53],"adaptation":[54],"dynamically":[57],"changing":[58],"threat":[59],"landscape":[60],"enables":[62],"elimination":[66],"errors":[68],"biases":[70],"that":[71],"plague":[72],"black-box":[73],"models.":[74],"preliminary":[76],"tests":[77],"data":[79],"generated":[80],"in":[81,118,147],"simulated":[83],"user":[84],"environment,":[85],"our":[86],"method":[87],"demonstrates":[88],"high":[90],"ROC":[91],"AUC,":[92],"outperforming":[93],"standard":[94],"interpretable":[95],"models":[96],"such":[97],"as":[98],"Gaussian":[99],"Naive":[100],"Bayes,":[101],"KNN,":[102],"Decision":[104],"Trees.":[105],"Importantly,":[106],"achieves":[108],"low":[110],"false":[111],"positive":[112],"rate,":[113],"addressing":[114],"common":[116],"issue":[117],"detection.":[121],"Our":[122],"contributions":[123],"also":[124],"include":[125],"Python":[127],"library":[128],"easy":[130],"implementation":[131,146],"comprehensive,":[136],"publicly":[137],"available":[138],"dataset,":[141],"facilitating":[142],"broader":[143],"research":[144],"defense.":[149]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}