Photo credit: Michael Geiger
Engineering researchers have developed a new approach for implementing ransomware detection techniques, allowing them to detect a broad range of ransomware far more quickly than previous systems.
Ransomware is a type of malware. When a system is infiltrated by ransomware, the ransomware encrypts that system’s data – making the data inaccessible to users. The people responsible for the ransomware then extort the affected system’s operators, demanding money from the users in exchange for granting them access to their own data.
Ransomware extortion is hugely expensive, and instances of ransomware extortion are on the rise. The FBI reports receiving 3,729 ransomware complaints in 2021, with costs of more than $49 million. What’s more, 649 of those complaints were from organizations classified as critical infrastructure.
“Computing systems already make use of a variety of security tools that monitor incoming traffic to detect potential malware and prevent it from compromising the system,” says Paul Franzon, co-author of a paper on the new ransomware detection approach. “However, the big challenge here is detecting ransomware quickly enough to prevent it from getting a foothold in the system. Because as soon as ransomware enters the system, it begins encrypting files.” Franzon is Cirrus Logic Distinguished Professor of Electrical and Computer Engineering at North Carolina State University.
“There’s a machine-learning algorithm called XGBoost that is very good at detecting ransomware,” says Archit Gajjar, first author of the paper and a Ph.D. student at NC State. “However, when systems run XGBoost as software through a CPU or GPU, it’s very slow. And attempts to incorporate XGBoost into hardware systems have been hampered by a lack of flexibility – they focus on very specific challenges, and that specificity makes it difficult or impossible for them to monitor for the full array of ransomware attacks.
“We’ve developed a hardware-based approach that allows XGBoost to monitor for a wide range of ransomware attacks, but is much faster than any of the software approaches,” Gajjar says.
The new approach is called FAXID, and in proof-of-concept testing, the researchers found it was just as accurate as software-based approaches at detecting ransomware. The big difference was speed. FAXID was up to 65.8 times faster than software running XGBoost on a CPU and up to 5.3 times faster than software running XGBoost on a GPU.
“Another advantage of FAXID is that it allows us to run problems in parallel,” Gajjar says. “You could devote all of the dedicated security hardware’s resources to ransomware detection, and detect ransomware more quickly. But you could also allocate the security hardware’s computing power to separate problems. For example, you could devote a certain percentage of the hardware to ransomware detection and another percentage of the hardware to another challenge – such as fraud detection.”
“Our work on FAXID was funded by the Center for Advanced Electronics through Machine Learning (CAEML), which is a public-private partnership,” Franzon says. “The technology is already being made available to members of the center, and we know of at least one company that is making plans to implement it in their systems.”
Original Article: New Approach Allows for Faster Ransomware Detection
More from: North Carolina State University
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
Ransomware detection
- Rapid7 Extends Full Threat Cycle MDR with Patented Ransomware Prevention Capabilities
(NASDAQ: RPD), a leader in extended risk and threat detection, today announced new, patented ransomware prevention technology that delivers end-to-end ransomware coverage to anticipate advanced ...
- Enhance identity controls before banning ransomware payments
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the ...
- Every third cyber incident was due to ransomware, Kaspersky reports
Deploying solutions such as Kaspersky Endpoint Security and embracing Managed Detection and Response (MDR) capabilities are pivotal steps in safeguarding against evolving ransomware threats,” ...
- LockBit Ransomware Creator’s Face Revealed and Sanctioned
The notorious and infamous ransomware LockBit has wreaked havoc across the world, raking almost $500 million in ransom. Finally, its creator Dmitry ...
- Ransomware Attack Shuts Down Kansas City Systems
The city administration of Kansas's largest city shut down IT systems and switched to cash transactions in the wake of a ransomware attack detected on Sunday.
Go deeper with Google Headlines on:
Ransomware detection
[google_news title=”” keyword=”ransomware detection” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]
Go deeper with Bing News on:
FAXID
- Sabrent debuts 5GB/s Rocket Nano 2242 Gen 4 SSD — a good fit for Lenovo Legion Go, laptops, and NUCs
Sabrent has unveiled a new M.2 2242 form factor SSD aimed at the Lenovo Legion Go handheld, as well as laptops and NUCs that use such drives. Sabrent uses Phison's E27T controller that sports 5GB/s of ...
- After eight decades, Haas Cabinets plans to close
Founded in 1939, Haas Cabinet opened its first plant in 1944, but now, some 80 years later, the company plans to shutter the Sellersburg, Indiana-based company. "Yes," commented Todd Haas, president ...
- Discover 12 Stores Like World Market: Best Alternatives and Affordable Options
World Market is a fun and interesting store, but there are better alternatives with cheaper prices and more sustainable products.
- Stellar Blade Guide – All Eve Outfits And How To Unlock Them
Here is a guide to all of the outfits that Eve can change into in Stellar Blade, as well as how to unlock them.
- These cars made a explosive entry in India, but their name got registered in the list of super flop cars
The Indian automobile market is renowned for its dynamism and diversity, with numerous brands vying for attention and dominance. Over the ye..|News Track ...
Go deeper with Google Headlines on:
FAXID
[google_news title=”” keyword=”FAXID” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]