Ransomware Detection and Identification in Computer Networks Using Machine Learning Techniques - دانشکده فنی و مهندسی
Ransomware Detection and Identification in Computer Networks Using Machine Learning Techniques
نوع: Type: thesis
مقطع: Segment: masters
عنوان: Title: Ransomware Detection and Identification in Computer Networks Using Machine Learning Techniques
ارائه دهنده: Provider: Seyyed Mohammad Ali Abolmaali
اساتید راهنما: Supervisors: dr Reza Mohammadi, dr Mohammad Nasiri
اساتید مشاور: Advisory Professors:
اساتید ممتحن یا داور: Examining professors or referees: dr Hasan KhotanLo, dr Moharram Mansorizade
زمان و تاریخ ارائه: Time and date of presentation: 2023
مکان ارائه: Place of presentation: Class 27 of the Faculty of Engineering
چکیده: Abstract: In recent years, we have witnessed a significant growth of cyber attacks due to a type of malicious software, ransomware, which is used by attackers to penetrate the network and computer, and has caused not only ordinary users, but also government and private bodies and organizations. target These attacks can be very destructive and costly, as they can lead to the loss or release of sensitive data, disruption of operations, and irreparable damage. As a result, there is a growing need for advanced security measures to identify, detect and prevent ransomware attacks before they cause damage. In this research, two different methods have been proposed to detect and identify ransomware in computer systems using an approach based on machine learning techniques. The proposed methods are based on network traffic pattern analysis, for this purpose, by collecting traffic patterns and extracting their important features and then applying machine learning algorithms, we will try to detect and identify ransomware. The first method is based on the detection and identification of ransomware based on network traffic packets, and the second method is based on the detection and identification of ransomware based on a stream of network traffic packets. The purpose of using machine learning techniques in the detection and identification of ransomware is to improve the quality and speed of ransomware detection during network traffic analysis. Also, machine learning training models can be used to strengthen existing systems to prevent ransomware attacks in order to identify potential weaknesses, preserve information, avoid disruptions in operations, and avoid direct and indirect financial losses. The results of the simulation show that the Multilayer Perceptron algorithm based on network traffic packets has 97% accuracy in detecting and identifying ransomware. It was also found that the algorithm of Support Vector Machines in the method of detecting and identifying ransomware based on a stream of network traffic packets has an accuracy of 88% in terms of the F1-Score index. This result indicates that the implementation of these methods will have a significant impact on the detection and identification of ransomware in computer networks
فایل: ّFile: Download فایل