乐胖代购免代理版

{"id":"https://openalex.org/W4391937046","doi":"https://doi.org/10.1109/cic58953.2023.00018","title":"Understanding the Behavior of Ransomware: An I/O Request Packet (IRP) Driven Study on Ransomware Detection against Execution Time","display_name":"Understanding the Behavior of Ransomware: An I/O Request Packet (IRP) Driven Study on Ransomware Detection against Execution Time","publication_year":2023,"publication_date":"2023-11-01","ids":{"openalex":"https://openalex.org/W4391937046","doi":"https://doi.org/10.1109/cic58953.2023.00018"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/cic58953.2023.00018","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002099869","display_name":"Md. Ahsan Ayub","orcid":"https://orcid.org/0000-0002-1345-0110"},"institutions":[{"id":"https://openalex.org/I63920570","display_name":"Tennessee Technological University","ror":"https://ror.org/05drmrq39","country_code":"US","type":"funder","lineage":["https://openalex.org/I63920570"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Md. Ahsan Ayub","raw_affiliation_strings":["Department of Computer Science, Tennessee Tech University, Cookeville, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Tennessee Tech University, Cookeville, USA","institution_ids":["https://openalex.org/I63920570"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5110313478","display_name":"Ambareen Siraj","orcid":null},"institutions":[{"id":"https://openalex.org/I63920570","display_name":"Tennessee Technological University","ror":"https://ror.org/05drmrq39","country_code":"US","type":"funder","lineage":["https://openalex.org/I63920570"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ambareen Siraj","raw_affiliation_strings":["Department of Computer Science, Tennessee Tech University, Cookeville, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Tennessee Tech University, Cookeville, USA","institution_ids":["https://openalex.org/I63920570"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.0,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":0,"max":65},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9999,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9958,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9475495}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9475495},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.63442695},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.521088},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44575217},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.402858},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.35920894},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3431476},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.3039297}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/cic58953.2023.00018","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.44,"display_name":"Peace, justice, and strong institutions","id":"https://metadata.un.org/sdg/16"}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":30,"referenced_works":["https://openalex.org/W1522301498","https://openalex.org/W1536598138","https://openalex.org/W1546751907","https://openalex.org/W1634176025","https://openalex.org/W2043263066","https://openalex.org/W2105497548","https://openalex.org/W2115627867","https://openalex.org/W2119359024","https://openalex.org/W2130778370","https://openalex.org/W2130971075","https://openalex.org/W2296719434","https://openalex.org/W2514847810","https://openalex.org/W2539082945","https://openalex.org/W2559964890","https://openalex.org/W2590294838","https://openalex.org/W2711905154","https://openalex.org/W2765713146","https://openalex.org/W2775582065","https://openalex.org/W2790117856","https://openalex.org/W2792599578","https://openalex.org/W2795144650","https://openalex.org/W2795248401","https://openalex.org/W2809959305","https://openalex.org/W2890196927","https://openalex.org/W2901561143","https://openalex.org/W2993999308","https://openalex.org/W3085550466","https://openalex.org/W4254182148","https://openalex.org/W4298304654","https://openalex.org/W4320930577"],"related_works":["https://openalex.org/W4389157351","https://openalex.org/W4253977752","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W3201228709","https://openalex.org/W3120595989","https://openalex.org/W2964829536","https://openalex.org/W2942879794","https://openalex.org/W2922354075","https://openalex.org/W2904586340"],"abstract_inverted_index":{"Industries":[0],"of":[1,56,88,97,160,164,168,173],"diverse":[2],"sizes,":[3],"ranging":[4],"from":[5],"retail":[6],"to":[7,48,61,64],"critical":[8],"infrastructure,":[9],"are":[10],"experiencing":[11],"a":[12,19,42],"worldwide":[13],"upswing":[14],"in":[15,32,137],"ransomware":[16,22,30,58,124],"attacks.":[17],"On":[18],"daily":[20],"basis,":[21],"researchers":[23],"encounter":[24],"fresh":[25],"samples":[26,59],"and":[27,85,111,149,170],"uncover":[28],"novel":[29],"families":[31,63,140],"the":[33,118,127],"wild.":[34],"This":[35],"research":[36],"investigates":[37],"ransomware's":[38],"I/ORequest":[39],"Packet":[40],"(IRP),":[41],"low-level":[43],"file":[44],"system":[45],"I/O":[46],"log,":[47],"understand":[49],"their":[50],"behavior.":[51],"We":[52,132],"analyze":[53],"IRP":[54,89],"logs":[55,98],"383":[57],"belonging":[60],"21":[62],"execute":[65],"these":[66],"tasks.":[67],"To":[68,152],"evaluate":[69],"our":[70,80],"schemes'":[71],"capabilities":[72],"on":[73,99],"detection":[74],"against":[75],"execution":[76],"time,":[77],"we":[78,116,154],"report":[79],"empirical":[81],"findings":[82],"between":[83],"15":[84],"40":[86],"minutes":[87,96],"logs,":[90],"whereas":[91],"each":[92],"sample":[93],"covers":[94],"90":[95],"average.":[100],"By":[101],"utilizing":[102],"one-class":[103],"classification":[104],"algorithms,":[105],"e.g.,":[106],"One-Class":[107],"SVM,":[108],"Isolation":[109],"Forests,":[110,146],"Local":[112],"Outlier":[113],"Factor":[114],"(LOF),":[115],"demonstrate":[117],"identified":[119],"sequences":[120],"successfully":[121],"discover":[122],"new":[123],"upon":[125],"which":[126],"classifiers":[128],"were":[129],"not":[130],"trained.":[131],"achieve":[133],"exceptional":[134],"experimental":[135],"results":[136],"identifying":[138],"ran-somware":[139],"by":[141],"applying":[142],"Decision":[143],"Trees,":[144,148],"Random":[145],"Extra":[147],"Bagging":[150],"classifiers.":[151],"highlight,":[153],"at":[155],"best":[156],"obtain":[157],"an":[158],"accuracy":[159],"93.94%,":[161],"precision":[162],"score":[163,167,172],"93.27%,":[165],"recall":[166],"91.28%,":[169],"F1":[171],"91.90%.":[174]},"abstract_inverted_index_v3":null,"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4391937046","counts_by_year":[],"updated_date":"2025-04-08T21:06:54.827765","created_date":"2024-02-20"}