{"id":"https://openalex.org/W4413063655","doi":"https://doi.org/10.3390/fi17070311","title":"A Deep Learning Framework for Enhanced Detection of Polymorphic Ransomware","display_name":"A Deep Learning Framework for Enhanced Detection of Polymorphic Ransomware","publication_year":2025,"publication_date":"2025-07-18","ids":{"openalex":"https://openalex.org/W4413063655","doi":"https://doi.org/10.3390/fi17070311"},"language":"en","primary_location":{"id":"doi:10.3390/fi17070311","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17070311","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.3390/fi17070311","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022432783","display_name":"Mazen Gazzan","orcid":null},"institutions":[{"id":"https://openalex.org/I47164929","display_name":"Najran University","ror":"https://ror.org/05edw4a90","country_code":"SA","type":"education","lineage":["https://openalex.org/I47164929"]}],"countries":["SA"],"is_corresponding":true,"raw_author_name":"Mazen Gazzan","raw_affiliation_strings":["Department of Information Systems, College of Computer Science and Information Systems, Najran University, Najran 61441, Saudi Arabia"],"affiliations":[{"raw_affiliation_string":"Department of Information Systems, College of Computer Science and Information Systems, Najran University, Najran 61441, Saudi Arabia","institution_ids":["https://openalex.org/I47164929"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5119251750","display_name":"Bader Alobaywi","orcid":"https://orcid.org/0009-0004-1029-8071"},"institutions":[{"id":"https://openalex.org/I155093810","display_name":"University of Idaho","ror":"https://ror.org/03hbp5t65","country_code":"US","type":"education","lineage":["https://openalex.org/I155093810"]},{"id":"https://openalex.org/I4210112337","display_name":"University of Hafr Al-Batin","ror":"https://ror.org/021jt1927","country_code":"SA","type":"education","lineage":["https://openalex.org/I4210112337"]}],"countries":["SA","US"],"is_corresponding":false,"raw_author_name":"Bader Alobaywi","raw_affiliation_strings":["College of Computer Science and Engineering, University of Hafr Al Batin, Hafar Al Batin 39923, Saudi Arabia","Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA"],"affiliations":[{"raw_affiliation_string":"College of Computer Science and Engineering, University of Hafr Al Batin, Hafar Al Batin 39923, Saudi Arabia","institution_ids":["https://openalex.org/I4210112337"]},{"raw_affiliation_string":"Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA","institution_ids":["https://openalex.org/I155093810"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101799271","display_name":"Mohammed M. Almutairi","orcid":"https://orcid.org/0009-0001-5791-6074"},"institutions":[{"id":"https://openalex.org/I155093810","display_name":"University of Idaho","ror":"https://ror.org/03hbp5t65","country_code":"US","type":"education","lineage":["https://openalex.org/I155093810"]},{"id":"https://openalex.org/I4210112337","display_name":"University of Hafr Al-Batin","ror":"https://ror.org/021jt1927","country_code":"SA","type":"education","lineage":["https://openalex.org/I4210112337"]}],"countries":["SA","US"],"is_corresponding":false,"raw_author_name":"Mohammed Almutairi","raw_affiliation_strings":["College of Computer Science and Engineering, University of Hafr Al Batin, Hafar Al Batin 39923, Saudi Arabia","Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA"],"affiliations":[{"raw_affiliation_string":"College of Computer Science and Engineering, University of Hafr Al Batin, Hafar Al Batin 39923, Saudi Arabia","institution_ids":["https://openalex.org/I4210112337"]},{"raw_affiliation_string":"Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA","institution_ids":["https://openalex.org/I155093810"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019549865","display_name":"Frederick T. Sheldon","orcid":"https://orcid.org/0000-0003-1241-2750"},"institutions":[{"id":"https://openalex.org/I155093810","display_name":"University of Idaho","ror":"https://ror.org/03hbp5t65","country_code":"US","type":"education","lineage":["https://openalex.org/I155093810"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Frederick T. Sheldon","raw_affiliation_strings":["Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, College of Engineering, University of Idaho, Moscow, ID 83844, USA","institution_ids":["https://openalex.org/I155093810"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5022432783"],"corresponding_institution_ids":["https://openalex.org/I47164929"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":5.9488,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.96324822,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"17","issue":"7","first_page":"311","last_page":"311"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9732999801635742,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9147999882698059,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8747618198394775},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.808941125869751},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.7792608737945557},{"id":"https://openalex.org/keywords/overfitting","display_name":"Overfitting","score":0.6171497106552124},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5500621795654297},{"id":"https://openalex.org/keywords/false-positives-and-false-negatives","display_name":"False positives and false negatives","score":0.533860981464386},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4927723705768585},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.45670366287231445},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.45253899693489075},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.44236335158348083},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.2928784489631653},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.28102490305900574},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.24416708946228027}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8747618198394775},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.808941125869751},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.7792608737945557},{"id":"https://openalex.org/C22019652","wikidata":"https://www.wikidata.org/wiki/Q331309","display_name":"Overfitting","level":3,"score":0.6171497106552124},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5500621795654297},{"id":"https://openalex.org/C112789634","wikidata":"https://www.wikidata.org/wiki/Q18207010","display_name":"False positives and false negatives","level":3,"score":0.533860981464386},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4927723705768585},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.45670366287231445},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.45253899693489075},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.44236335158348083},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.2928784489631653},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.28102490305900574},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.24416708946228027},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/fi17070311","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17070311","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:dd5410141b794829b75c7861eecf1303","is_oa":true,"landing_page_url":"https://doaj.org/article/dd5410141b794829b75c7861eecf1303","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Future Internet, Vol 17, Iss 7, p 311 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/fi17070311","is_oa":true,"landing_page_url":"https://doi.org/10.3390/fi17070311","pdf_url":null,"source":{"id":"https://openalex.org/S34838331","display_name":"Future Internet","issn_l":"1999-5903","issn":["1999-5903"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Future Internet","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":86,"referenced_works":["https://openalex.org/W1565581850","https://openalex.org/W1919244634","https://openalex.org/W1986989387","https://openalex.org/W1996716108","https://openalex.org/W2014142822","https://openalex.org/W2043356179","https://openalex.org/W2055177687","https://openalex.org/W2067327603","https://openalex.org/W2072386950","https://openalex.org/W2119359024","https://openalex.org/W2177710037","https://openalex.org/W2204544304","https://openalex.org/W2295812630","https://openalex.org/W2296579688","https://openalex.org/W2307930854","https://openalex.org/W2367504390","https://openalex.org/W2513529237","https://openalex.org/W2526582864","https://openalex.org/W2535044533","https://openalex.org/W2587807396","https://openalex.org/W2592102543","https://openalex.org/W2618809693","https://openalex.org/W2736405392","https://openalex.org/W2766662076","https://openalex.org/W2784028699","https://openalex.org/W2784113120","https://openalex.org/W2888975450","https://openalex.org/W2933127114","https://openalex.org/W2953056235","https://openalex.org/W2980609871","https://openalex.org/W2987085812","https://openalex.org/W2997032875","https://openalex.org/W3010934630","https://openalex.org/W3011974631","https://openalex.org/W3020687048","https://openalex.org/W3036847733","https://openalex.org/W3039822732","https://openalex.org/W3047621094","https://openalex.org/W3092353577","https://openalex.org/W3094915090","https://openalex.org/W3104141960","https://openalex.org/W3127833313","https://openalex.org/W3132588576","https://openalex.org/W3134215180","https://openalex.org/W3153504813","https://openalex.org/W3156454600","https://openalex.org/W3158731032","https://openalex.org/W3175123466","https://openalex.org/W3185244527","https://openalex.org/W3203444100","https://openalex.org/W3211038209","https://openalex.org/W3212046143","https://openalex.org/W3214951365","https://openalex.org/W4200569302","https://openalex.org/W4205203504","https://openalex.org/W4205876068","https://openalex.org/W4214744072","https://openalex.org/W4241272628","https://openalex.org/W4283746445","https://openalex.org/W4285141068","https://openalex.org/W4306904949","https://openalex.org/W4307861851","https://openalex.org/W4308862656","https://openalex.org/W4310873013","https://openalex.org/W4312138431","https://openalex.org/W4313404417","https://openalex.org/W4319066581","https://openalex.org/W4363648096","https://openalex.org/W4376851776","https://openalex.org/W4387342650","https://openalex.org/W4388775013","https://openalex.org/W4389454898","https://openalex.org/W4390423677","https://openalex.org/W4390636702","https://openalex.org/W4390673835","https://openalex.org/W4391785438","https://openalex.org/W4392561927","https://openalex.org/W4393352780","https://openalex.org/W4396666545","https://openalex.org/W4401388601","https://openalex.org/W6649306778","https://openalex.org/W6694659523","https://openalex.org/W6708128796","https://openalex.org/W6729290189","https://openalex.org/W6790868287","https://openalex.org/W6804527373"],"related_works":["https://openalex.org/W1557094818","https://openalex.org/W2183246718","https://openalex.org/W1973412793","https://openalex.org/W2099261052","https://openalex.org/W4292605373","https://openalex.org/W2951146195","https://openalex.org/W4226316650","https://openalex.org/W3123215897","https://openalex.org/W2153600354","https://openalex.org/W4243739114"],"abstract_inverted_index":{"Ransomware,":[0],"a":[1,20,70,108,134],"significant":[2],"cybersecurity":[3],"threat,":[4],"encrypts":[5],"files":[6],"and":[7,32,50,102,106,120,148,175,196],"causes":[8],"substantial":[9],"damage,":[10],"making":[11],"early":[12,25],"detection":[13,113,138,194],"crucial":[14],"yet":[15],"challenging.":[16],"This":[17],"paper":[18],"introduces":[19],"novel":[21],"multi-phase":[22],"framework":[23,37,183],"for":[24,92],"ransomware":[26,61,80,100],"detection,":[27],"designed":[28],"to":[29,55,58,77,98,128,142,154,162,173,179],"enhance":[30],"accuracy":[31,139,161,172,195],"minimize":[33],"false":[34,150,166,177],"positives.":[35,167],"The":[36,131,156,168],"addresses":[38,185],"the":[39,59,117,186],"limitations":[40],"of":[41],"existing":[42],"methods":[43],"by":[44,189],"integrating":[45],"operational":[46],"data":[47,67,84,119,146],"with":[48,122],"situational":[49],"threat":[51],"intelligence,":[52],"enabling":[53],"it":[54],"dynamically":[56,93],"adapt":[57],"evolving":[60,99,190],"landscape.":[62],"Key":[63],"innovations":[64],"include":[65],"(1)":[66],"augmentation":[68],"using":[69],"Bi-Gradual":[71],"Minimax":[72],"Generative":[73],"Adversarial":[74],"Network":[75,111],"(BGM-GAN)":[76],"generate":[78],"synthetic":[79,145],"attack":[81],"patterns,":[82],"addressing":[83],"insufficiency;":[85],"(2)":[86],"Incremental":[87],"Mutual":[88],"Information":[89],"Selection":[90],"(IMIS)":[91],"selecting":[94],"relevant":[95],"features,":[96],"adapting":[97],"behaviors":[101],"reducing":[103,165],"computational":[104],"overhead;":[105],"(3)":[107],"Deep":[109],"Belief":[110],"(DBN)":[112],"architecture,":[114],"trained":[115],"on":[116],"augmented":[118],"optimized":[121],"Uncertainty-Aware":[123],"Dynamic":[124],"Early":[125],"Stopping":[126],"(UA-DES)":[127],"prevent":[129],"overfitting.":[130],"model":[132],"demonstrates":[133],"4%":[135],"improvement":[136],"in":[137],"(from":[140],"90%":[141],"94%)":[143],"through":[144],"generation":[147],"reduces":[149],"positives":[151,178],"from":[152],"15.4%":[153],"14%.":[155],"IMIS":[157],"technique":[158],"further":[159],"increases":[160],"96%":[163],"while":[164],"UA-DES":[169],"optimization":[170],"boosts":[171],"98.6%":[174],"lowers":[176],"10%.":[180],"Overall,":[181],"this":[182],"effectively":[184],"challenges":[187],"posed":[188],"ransomware,":[191],"significantly":[192],"enhancing":[193],"reliability.":[197]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2}],"updated_date":"2026-03-29T08:15:47.926485","created_date":"2025-10-10T00:00:00"}