Texture-Based Automated Classification of Ransomware

Abstract

Reliance on digital data has been increased with easy availability of user friendly software to store and manipulate data with much less effort. This digital data can become very hard to maintain if no security mechanisms has been implemented to protect it from unauthorized access. Even the whole machine is on the verge of being infected if not being secured. Data and the whole machine can be easily infected or lost if any malicious operation is being executed on the machine by some unauthorized user. This is possible, by injecting some malicious operations in the byte code of the source file that is being transferred into the machine. These malicious operations, according to the harm they caused, have been categorized into different categories of malware. Among various malwares, Ransomware is a harmful malware that can restrict the user�s access to his own computer�s data, using encryption mechanism. Until the required ransom is not paid the decryption key is not provided. Unlike other techniques discussed in the literature, the technique proposed in this paper analyse irregularity in the texture of the image. Proposed technique used local binary pattern generated from the file to be analysed which has the ability to detect the same immediately on the transfer of file into the victim�s computer before its execution. This analysis detects the injection of some abnormal operations inserted into the byte code of the respective file to make the ransomware execute. The technique was tested on 1738 window based and 179 android based different ransomware and benign samples which generated an accuracy of 87.9% at maximum. � 2020, The Institution of Engineers (India).