TY - GEN
T1 - FLDetect
T2 - 2023 IEEE Global Communications Conference, GLOBECOM 2023
AU - Petros, Tomas
AU - Ghirmay, Henos
AU - Otoum, Safa
AU - Salem, Reem
AU - Debbah, Mérouane
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Ransomware, a malicious piece of software responsible for several high-profile attacks in recent years, poses a significant threat to organizations of all sizes. Such attacks can cause significant operational and financial harm, including system interruptions and compromises of system integrity. By developing the ability to detect and prevent ransomware attacks, we can contribute to the creation of a more secure and safe digital ecosystem. In this research, we propose FLDetect, a unique Federated Learning (FL)-based method for identifying ransomware on Windows machines. Windows machines, integral to Internet of Things (loT) networks, can act as brokers to other sensor nodes, rendering them susceptible to such attacks. Our approach utilizes distributed computing to train a Machine Learning (ML) model using data from various devices without relying on centralized data storage. The API-call-pattern-based detection method is the preferred approach for detecting ransomware in this paper. We made use of an open-source dataset, known as ransomwaredataset2016, for a comparable objective. The global model's accuracy was 93.1% after we trained it with twenty different devices. Our results demonstrate that our method is effective in identifying ransomware while maintaining the privacy and security of the training data by utilizing FL.
AB - Ransomware, a malicious piece of software responsible for several high-profile attacks in recent years, poses a significant threat to organizations of all sizes. Such attacks can cause significant operational and financial harm, including system interruptions and compromises of system integrity. By developing the ability to detect and prevent ransomware attacks, we can contribute to the creation of a more secure and safe digital ecosystem. In this research, we propose FLDetect, a unique Federated Learning (FL)-based method for identifying ransomware on Windows machines. Windows machines, integral to Internet of Things (loT) networks, can act as brokers to other sensor nodes, rendering them susceptible to such attacks. Our approach utilizes distributed computing to train a Machine Learning (ML) model using data from various devices without relying on centralized data storage. The API-call-pattern-based detection method is the preferred approach for detecting ransomware in this paper. We made use of an open-source dataset, known as ransomwaredataset2016, for a comparable objective. The global model's accuracy was 93.1% after we trained it with twenty different devices. Our results demonstrate that our method is effective in identifying ransomware while maintaining the privacy and security of the training data by utilizing FL.
KW - API
KW - Federated Learning (FL)
KW - Ransomware Detection
KW - Windows Security
UR - http://www.scopus.com/inward/record.url?scp=85187340958&partnerID=8YFLogxK
U2 - 10.1109/GLOBECOM54140.2023.10437540
DO - 10.1109/GLOBECOM54140.2023.10437540
M3 - Conference contribution
AN - SCOPUS:85187340958
T3 - Proceedings - IEEE Global Communications Conference, GLOBECOM
SP - 4449
EP - 4454
BT - GLOBECOM 2023 - 2023 IEEE Global Communications Conference
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 4 December 2023 through 8 December 2023
ER -