Real-Time Ransomware Infection Detection System Based on Social Big Data Mining


KIPS Transactions on Computer and Communication Systems, Vol. 7, No. 10, pp. 251-258, Oct. 2018
DOI: 10.3745/KTCCS.2018.7.10.251
Keywords: Ransomware, Infection Detection System, Social Big Data Mining, Entropy, Chi-Square
Abstract

Ransomware, malicious software that encrypts files and demands a ransom, is becoming more threatening with its rapid propagation and intelligence. Rapid detection and risk analysis are required, but real-time analysis and reporting are lacking. In this paper, we propose a ransomware infection detection system that uses social big data mining technology to enable real-time analysis. The system analyzes the Twitter stream in real time and crawls tweets containing keywords related to ransomware. It also extracts ransomware-related keywords by crawling the news server through the news feed parser, and extracts news or statistical data from the servers of a security company or search engine. The collected data is analyzed by data mining algorithms. By comparing the number of related tweets, Google Trends (statistical information), and articles related to the WannaCry and Locky ransomware infections that spread in 2017, we show that our system has the potential to detect ransomware infections using tweets. Moreover, the performance of the proposed system is shown through entropy and chi-square analysis.



Cite this article
[IEEE Style]
M. Kim and J. Yun, "Real-Time Ransomware Infection Detection System Based on Social Big Data Mining," KIPS Transactions on Computer and Communication Systems, vol. 7, no. 10, pp. 251-258, 2018. DOI: 10.3745/KTCCS.2018.7.10.251.

[ACM Style]
Mihui Kim and Junhyeok Yun. 2018. Real-Time Ransomware Infection Detection System Based on Social Big Data Mining. KIPS Transactions on Computer and Communication Systems, 7, 10, (2018), 251-258. DOI: 10.3745/KTCCS.2018.7.10.251.