{"id":"https://openalex.org/W2794482868","doi":"https://doi.org/10.1109/comsnets.2018.8328219","title":"RansomWall: A layered defense system against cryptographic ransomware attacks using machine learning","display_name":"RansomWall: A layered defense system against cryptographic ransomware attacks using machine learning","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2794482868","doi":"https://doi.org/10.1109/comsnets.2018.8328219","mag":"2794482868"},"language":"en","primary_location":{"id":"doi:10.1109/comsnets.2018.8328219","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets.2018.8328219","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 10th International Conference on Communication Systems &amp; Networks (COMSNETS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027373731","display_name":"Saiyed Kashif Shaukat","orcid":null},"institutions":[{"id":"https://openalex.org/I68891433","display_name":"Indian Institute of Technology Delhi","ror":"https://ror.org/049tgcd06","country_code":"IN","type":"education","lineage":["https://openalex.org/I68891433"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Saiyed Kashif Shaukat","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Delhi, Hauz Khas, New Delhi, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Delhi, Hauz Khas, New Delhi, India","institution_ids":["https://openalex.org/I68891433"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5034236411","display_name":"Vinay J. Ribeiro","orcid":"https://orcid.org/0000-0001-5627-5343"},"institutions":[{"id":"https://openalex.org/I68891433","display_name":"Indian Institute of Technology Delhi","ror":"https://ror.org/049tgcd06","country_code":"IN","type":"education","lineage":["https://openalex.org/I68891433"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Vinay J. Ribeiro","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Delhi, Hauz Khas, New Delhi, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Delhi, Hauz Khas, New Delhi, India","institution_ids":["https://openalex.org/I68891433"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5027373731"],"corresponding_institution_ids":["https://openalex.org/I68891433"],"apc_list":null,"apc_paid":null,"fwci":6.9642,"has_fulltext":false,"cited_by_count":118,"citation_normalized_percentile":{"value":0.97730524,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"356","last_page":"363"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9836999773979187,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9728000164031982,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9346738457679749},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7645329236984253},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6861997842788696},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.6244250535964966},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5584847927093506},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.5377220511436462},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.4757213890552521},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.28249961137771606}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9346738457679749},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7645329236984253},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6861997842788696},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.6244250535964966},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5584847927093506},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.5377220511436462},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.4757213890552521},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.28249961137771606}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/comsnets.2018.8328219","is_oa":false,"landing_page_url":"https://doi.org/10.1109/comsnets.2018.8328219","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 10th International Conference on Communication Systems &amp; Networks (COMSNETS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4399999976158142,"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W1584505081","https://openalex.org/W2083183119","https://openalex.org/W2085562432","https://openalex.org/W2101234009","https://openalex.org/W2119359024","https://openalex.org/W2151135920","https://openalex.org/W2152442131","https://openalex.org/W2296579688","https://openalex.org/W2461373307","https://openalex.org/W2461651791","https://openalex.org/W6675354045","https://openalex.org/W6718890697"],"related_works":["https://openalex.org/W1975357770","https://openalex.org/W4249009605","https://openalex.org/W2477251628","https://openalex.org/W2900526031","https://openalex.org/W2395100307","https://openalex.org/W3183826413","https://openalex.org/W4243179955","https://openalex.org/W2968504645","https://openalex.org/W2557742076","https://openalex.org/W4234891089"],"abstract_inverted_index":{"Recent":[0],"worldwide":[1],"cybersecurity":[2],"attacks":[3,57],"caused":[4],"by":[5,32,49,92,175,205],"Cryptographic":[6,93,117,206,216],"Ransomware":[7,56,94,141,171,190,217],"infected":[8],"systems":[9],"across":[10],"countries":[11],"and":[12,35,63,127,208,237],"organizations":[13],"with":[14,227,241,260],"millions":[15],"of":[16,25,65,101,105,124,136,144,164,225],"dollars":[17],"lost":[18],"in":[19,150,219],"paying":[20],"extortion":[21],"amounts.":[22],"This":[23,96],"form":[24],"malicious":[26],"software":[27],"takes":[28],"user":[29,183,221],"files":[30,173],"hostage":[31],"encrypting":[33],"them":[34],"demands":[36],"a":[37,110,121,132,145,167],"large":[38],"ransom":[39],"payment":[40],"for":[41,79,114,157,169,181,196],"providing":[42],"the":[43,87,140,176],"decryption":[44],"key.":[45],"Signature-based":[46],"methods":[47],"employed":[48],"Antivirus":[50],"Software":[51],"are":[52,74,178],"insufficient":[53],"to":[54,59,130,233,265],"evade":[55],"due":[58],"code":[60],"obfuscation":[61],"techniques":[62],"creation":[64],"new":[66],"polymorphic":[67],"variants":[68],"everyday.":[69],"Generic":[70],"Malware":[71],"Attack":[72],"vectors":[73],"also":[75,247],"not":[76,84],"robust":[77],"enough":[78],"detection":[80,235,258],"as":[81,189],"they":[82],"do":[83],"completely":[85],"track":[86],"specific":[88],"behavioral":[89],"patterns":[90],"shown":[91],"families.":[95],"work":[97],"based":[98],"on":[99],"analysis":[100,129],"an":[102],"extensive":[103],"dataset":[104],"Ran-somware":[106],"families":[107,218],"presents":[108],"RansomWall,":[109],"layered":[111],"defense":[112],"system":[113,200],"protection":[115],"against":[116,211],"Ransomware.":[118],"It":[119,153,246],"follows":[120],"Hybrid":[122],"approach":[123],"combined":[125],"Static":[126],"Dynamic":[128],"generate":[131],"novel":[133],"compact":[134],"set":[135],"features":[137],"that":[138],"characterizes":[139],"behavior.":[142],"Presence":[143],"Strong":[146],"Trap":[147],"Layer":[148],"helps":[149],"early":[151],"detection.":[152],"uses":[154],"Machine":[155,229],"Learning":[156,230],"unearthing":[158],"zero-day":[159,251],"intrusions.":[160],"When":[161],"initial":[162],"layers":[163],"RansomWall":[165,195,226],"tag":[166],"process":[168,177],"suspicious":[170],"behavior,":[172],"modified":[174],"backed":[179],"up":[180],"preserving":[182],"data":[184],"until":[185],"it":[186,210],"is":[187],"classified":[188],"or":[191],"Benign.":[192],"We":[193],"implemented":[194],"Microsoft":[197],"Windows":[198],"operating":[199],"(the":[201],"most":[202],"attacked":[203],"OS":[204],"Ransomware)":[207],"evaluated":[209,232],"574":[212],"samples":[213,253],"from":[214],"12":[215],"real-world":[220],"environments.":[222],"The":[223],"testing":[224],"various":[228],"algorithms":[231],"98.25%":[234],"rate":[236,259],"near-zero":[238],"false":[239],"positives":[240],"Gradient":[242],"Tree":[243],"Boosting":[244],"Algorithm.":[245],"successfully":[248],"detected":[249],"30":[250],"intrusion":[252],"(having":[254],"less":[255],"than":[256],"10%":[257],"60":[261],"Security":[262],"Engines":[263],"linked":[264],"VirusTotal).":[266]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":15},{"year":2024,"cited_by_count":18},{"year":2023,"cited_by_count":21},{"year":2022,"cited_by_count":20},{"year":2021,"cited_by_count":13},{"year":2020,"cited_by_count":17},{"year":2019,"cited_by_count":10},{"year":2018,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}