Ransomware has been one of the most prevalent forms of malware over the previous decade, and it continues to be one of the most significant threats today. Recently, ransomware strategies such as double extortion and rapid encryption have encouraged attacker communities to consider ransomware as a business model. With the advent of Ransomware as a Service (RaaS) models, ransomware spread and operations continue to increase. Even though machine learning and signature-based detection methods for ransomware have been proposed, they often fail to achieve very accurate detection. Ransomware that evades detection moves to the execution phase after initial access and installation. Due to the catastrophic nature of a ransomware attack, it is crucial to detect in its early stages of execution. If there is a method to detect ransomware in its execution phase early enough, then one can kill the processes to stop the ransomware attack. However, early detection with dynamic API call analysis is not an ideal solution, as the contemporary ransomware variants use low-level system calls to circumvent the detection methods. In this work, we use hardware performance counters (HPC) as features to detect the ransomware within 3-4 seconds - which may be sufficient, at least in the case of ransomware that takes longer to complete its full execution.

More from our Archive

• DOI: 10.3390/electronics12132857 2023

  Word-of-Mouth Engagement in Online Social Networks: Influence of Network Centrality and Density

  Bogdan Anastasiei, Nicoleta Dospinescu, Octavian Dospinescu

• DOI: 10.3390/systems11070329 2023

  Smarter and Prosperous: Digital Transformation and Enterprise Performance

  Da Gao, Zhiliang Yan, Xiaotian Zhou, Xinlin Mo

• DOI: 10.3390/systems11070351 2023

  Harnessing the Power of ChatGPT for Automating Systematic Review Process: Methodology, Case Study, Limitations, and Future Directions

  Ahmad Alshami, Moustafa Elsayed, Eslam Ali, Abdelrahman E. E. Eltoukhy, Tarek Zayed

• DOI: 10.3390/electronics12132921 2023

  Novel Heuristic Optimization Technique to Solve Economic Load Dispatch and Economic Emission Load Dispatch Problems

  Nagendra Singh, Tulika Chakrabarti, Prasun Chakrabarti, Martin Margala, Amit Gupta, S. Phani Praveen, Sivaneasan Bala Krishnan, Bhuvan Unhelkar

• DOI: 10.3390/systems11070336 2023

  Evaluation of Tourism Ecological Security and Its Driving Mechanism in the Yellow River Basin, China: Based on Open Systems Theory and DPSIR Model

  Xiaorong He, Chaoyue Cai, Jizhi Shi

• DOI: 10.1364/jocn.489228 2023

  Perspectives on and the road towards 100  Gb/s TDM PON with intensity-modulation and direct-detection

  Rene Bonk, Ed Harstead, Robert Borkowski, Vincent Houtsma, Yannick Lefevre, Amitkumar Mahadevan, Dora van Veen, Michiel Verplaetse, Sheldon Walklin

• DOI: 10.3390/electronics12143103 2023

  DDoS Attack Detection in IoT-Based Networks Using Machine Learning Models: A Survey and Research Directions

  Amal A. Alahmadi, Malak Aljabri, Fahd Alhaidari, Danyah J. Alharthi, Ghadi E. Rayani, Leena A. Marghalani, Ohoud B. Alotaibi, Shurooq A. Bajandouh

• DOI: 10.3390/computers12070141 2023

  A Deep Learning Network with Aggregation Residual Transformation for Human Activity Recognition Using Inertial and Stretch Sensors

  Sakorn Mekruksavanich, Anuchit Jitpattanakul

• DOI: 10.3390/systems11070348 2023

  Failure Mode and Effect Analysis with a Fuzzy Logic Approach

  José Jovani Cardiel-Ortega, Roberto Baeza-Serrato

• DOI: 10.3390/electronics12132984 2023

  DRL-Based Backbone SDN Control Methods in UAV-Assisted Networks for Computational Resource Efficiency

  Inseok Song, Prohim Tam, Seungwoo Kang, Seyha Ros, Seokhoon Kim