Photo credit: Michael Geiger
Engineering researchers have developed a new approach for implementing ransomware detection techniques, allowing them to detect a broad range of ransomware far more quickly than previous systems.
Ransomware is a type of malware. When a system is infiltrated by ransomware, the ransomware encrypts that system’s data – making the data inaccessible to users. The people responsible for the ransomware then extort the affected system’s operators, demanding money from the users in exchange for granting them access to their own data.
Ransomware extortion is hugely expensive, and instances of ransomware extortion are on the rise. The FBI reports receiving 3,729 ransomware complaints in 2021, with costs of more than $49 million. What’s more, 649 of those complaints were from organizations classified as critical infrastructure.
“Computing systems already make use of a variety of security tools that monitor incoming traffic to detect potential malware and prevent it from compromising the system,” says Paul Franzon, co-author of a paper on the new ransomware detection approach. “However, the big challenge here is detecting ransomware quickly enough to prevent it from getting a foothold in the system. Because as soon as ransomware enters the system, it begins encrypting files.” Franzon is Cirrus Logic Distinguished Professor of Electrical and Computer Engineering at North Carolina State University.
“There’s a machine-learning algorithm called XGBoost that is very good at detecting ransomware,” says Archit Gajjar, first author of the paper and a Ph.D. student at NC State. “However, when systems run XGBoost as software through a CPU or GPU, it’s very slow. And attempts to incorporate XGBoost into hardware systems have been hampered by a lack of flexibility – they focus on very specific challenges, and that specificity makes it difficult or impossible for them to monitor for the full array of ransomware attacks.
“We’ve developed a hardware-based approach that allows XGBoost to monitor for a wide range of ransomware attacks, but is much faster than any of the software approaches,” Gajjar says.
The new approach is called FAXID, and in proof-of-concept testing, the researchers found it was just as accurate as software-based approaches at detecting ransomware. The big difference was speed. FAXID was up to 65.8 times faster than software running XGBoost on a CPU and up to 5.3 times faster than software running XGBoost on a GPU.
“Another advantage of FAXID is that it allows us to run problems in parallel,” Gajjar says. “You could devote all of the dedicated security hardware’s resources to ransomware detection, and detect ransomware more quickly. But you could also allocate the security hardware’s computing power to separate problems. For example, you could devote a certain percentage of the hardware to ransomware detection and another percentage of the hardware to another challenge – such as fraud detection.”
“Our work on FAXID was funded by the Center for Advanced Electronics through Machine Learning (CAEML), which is a public-private partnership,” Franzon says. “The technology is already being made available to members of the center, and we know of at least one company that is making plans to implement it in their systems.”
Original Article: New Approach Allows for Faster Ransomware Detection