Digital integration within healthcare systems exacerbates their vulnerability to sophisticated ransomware threats, leading to severe operational disruptions and data breaches. Current defenses are typically categorized into active and passive measures that struggle to achieve comprehensive threat mitigation and often lack real-time response effectiveness. This paper presents an innovative ransomware defense system, ERAD, designed for healthcare environments, that applies the MITRE ATT&CK Matrix to coordinate dynamic, stage-specific countermeasures throughout the ransomware attack lifecycle. By systematically identifying and addressing threats based on indicators of compromise (IOCs), the proposed system proactively disrupts the attack chain before serious damage occurs. Validation is provided through a detailed analysis of a system deployment against LockBit 3.0 ransomware, illustrating significant enhancements in mitigating the impact of the attack, reducing the cost of recovery, and strengthening the cybersecurity framework of healthcare organizations; the system is also applicable to other, non-health sectors of the business world.
Ransomware attacks have been spreading broadly in the last few years, where attackers deny users’ access to their systems and encrypt their files until they pay a ransom, usually in Bitcoin. Of course, that is the worst thing that can happen, especially for organizations having sensitive information. In this paper we proposed a cyber security awareness program intended to provide end-users with a rescue checklist in case of being attacked with ransomware, as well as ways of preventing the attack and recovering from it. The program aimed at providing cyber security knowledge to 15 employees in a Sudanese trading and investment company. According to their cyber behaviour before the program, the participants showed a low level of cyber security awareness, with a 72% likelihood of being attacked by ransomware from a phishing email, which is well known for spreading ransomware attacks. The results revealed that the cyber security awareness program greatly diminished the probability of being attacked by ransomware, with an average of 28%. This study can be used as a real-life ransomware attack rescue plan.
Ransomware attacks pose a significant threat to critical infrastructures, demanding robust detection mechanisms. This study introduces a hybrid model that combines vision transformer (ViT) and one-dimensional convolutional neural network (1DCNN) architectures to enhance ransomware detection capabilities. Addressing common challenges in ransomware detection, particularly dataset class imbalance, the synthetic minority oversampling technique (SMOTE) is employed to generate synthetic samples for the minority class, thereby improving detection accuracy. The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features, resulting in comprehensive ransomware classification. Tested on the UNSW-NB15 dataset, the proposed ViT-1DCNN model achieved 98% detection accuracy, with precision, recall, and F1-score metrics surpassing conventional methods. This approach not only reduces false positives and negatives but also offers scalability and robustness for real-world cybersecurity applications. The results demonstrate the model’s potential as an effective tool for proactive ransomware detection, especially in environments where evolving threats require adaptable and high-accuracy solutions.
With the advent of the Internet of Things (IoT), several devices like sensors nowadays can interact and easily share information. But the IoT model is prone to security concerns, as several attackers try to hit the network and make it vulnerable. In such scenarios, security is the most prominent concern. Different models were intended to address these security problems; still, several emergent variants of botnet attacks like Bashlite, Mirai, and Persirai use security breaches. Malware classification and detection in the IoT model is still a problem, as the adversary reliably generates new variants of IoT malware and actively searches for ways to compromise the victim devices. This article develops a Sine Cosine Algorithm with Deep Learning based Ransomware Detection and Classification (SCADL-RWDC) method in an IoT environment. The main aim of the presented SCADL-RWDC technique is to recognize and classify ransomware attacks in the IoT platform. The SCADL-RWDC technique uses the SCA feature selection (SCA-FS) model to improve the detection rate. In addition, the SCADL-RWDC technique exploits the hybrid grey wolf optimizer (HGWO) with a gated recurrent unit (GRU) model for ransomware classification. A wide-ranging experimental analysis is performed to exhibit the enhanced ransomware detection outcomes of the SCADL-RWDC technique. The comparison study reported the enhancement of the SCADL-RWDC technique over other models.
Funding: This work was funded by the Deanship of Scientific Research at Princess Nourah bint Abdulrahman University, through the Research Groups Program Grant No. (RGP-1443-0051).