Showing 1–1 of 1 results for author: Kushwaha, P K

Cross-temporal Detection of Novel Ransomware Campaigns: A Multi-Modal Alert Approach

Authors: Sathvik Murli, Dhruv Nandakumar, Prabhat Kumar Kushwaha, Cheng Wang, Christopher Redino, Abdul Rahman, Shalini Israni, Tarun Singh, Edward Bowen

Abstract: We present a novel approach to identify ransomware campaigns derived from attack timelines representations within victim networks. Malicious activity profiles developed from multiple alert sources support the construction of alert graphs. This approach enables an effective and scalable representation of the attack timelines where individual nodes represent malicious activity detections with connec… ▽ More We present a novel approach to identify ransomware campaigns derived from attack timelines representations within victim networks. Malicious activity profiles developed from multiple alert sources support the construction of alert graphs. This approach enables an effective and scalable representation of the attack timelines where individual nodes represent malicious activity detections with connections describing the potential attack paths. This work demonstrates adaptability to different attack patterns through implementing a novel method for parsing and classifying alert graphs while maintaining efficacy despite potentially low-dimension node features. △ Less

Submitted 1 September, 2023; originally announced September 2023.

Comments: Preprint. Under Review