Publication details

Unveiling Ransomware: Sequence Alignment and Deep Learning for Early Detection

Authors

NOVÁK Pavel, OUJEZSKÝ Václav

Year of publication 2025
Type Article in Proceedings
Conference 2025 17th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)
MU Faculty or unit

Faculty of Informatics

Citation
web https://ieeexplore.ieee.org/document/11268719
Doi https://doi.org/10.1109/ICUMT67815.2025.11268719
Keywords malware detection; ransomware; sequence alignment; sequence prediction
Description Ransomware poses a significant and evolving threat to modern information systems, often causing data loss and financial and reputation damage. Traditional detection mechanisms tend to focus either on known indicators of compromise or on overly specific behavioral patterns, which can limit their ability to detect novel or stealthy variants. In this paper, we propose, test, and evaluate a novel method for early-stage ransomware infection detection and prediction using sequence alignment techniques and deep learning-based sequence modeling. Specifically, we present an improved version of the well-known Needleman-Wunsch global sequence alignment algorithm tailored to detect partially matching suspicious behavioral patterns within network traffic flows. In parallel, we explore the use of transformer models to predict the continuation of these event sequences, enabling earlier detection and response. Our approach is inspired by bioinformatics methodologies, treating event sequences analogous to DNA analysis. Experiments conducted on a real-world ransomware network traffic dataset demonstrate the promising results of our method, both in aligning noisy, interleaved sequences and in accurately predicting the progression of ransomware behavior.