http://dx.doi.org/10.22156/CS4SMB.2021.11.06.024

Graph Database Design and Implementation for Ransomware Detection  

Choi, Do-Hyeon (Dept. of Computer Science, Soongsil University)
Publication Information
Journal of Convergence for Information Technology / v.11, no.6, 2021, pp. 24-32
Abstract
Recently, ransomware infections have spread through various channels such as e-mail, phishing, and device hacking, and the extent of the damage is increasing rapidly. However, existing malware analysis engines (static/dynamic) have great difficulty detecting and blocking novel ransomware that has evolved like Advanced Persistent Threat (APT) attacks. This work proposes a method for modeling malicious ransomware behavior in a graph database and for detecting novel, multi-complex malicious ransomware behavior. The study confirms that ransomware pattern detection is possible in a graph database environment, which differs from existing relational databases. Furthermore, we prove that the associative analysis technique of graph theory is significantly efficient for ransomware analysis performance.
Keywords
Malware; Graph Database; Ransomware; Behavior Analysis; Association Analysis;