Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks
Ransomware attacks are increasing at an alarming rate, leading to large financial losses, unrecoverable encrypted data, data leakage, and privacy concerns. The prompt detection of ransomware attacks is required to minimize further damage, particularly during the encryption stage. However, the freque...
Gespeichert in:
| Hauptverfasser: | , , , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Nazarovs, Jurijs Stokes, Jack W Turcotte, Melissa Carroll, Justin Grady, Itai |
| description | Ransomware attacks are increasing at an alarming rate, leading to large
financial losses, unrecoverable encrypted data, data leakage, and privacy
concerns. The prompt detection of ransomware attacks is required to minimize
further damage, particularly during the encryption stage. However, the
frequency and structure of the observed ransomware attack data makes this task
difficult to accomplish in practice. The data corresponding to ransomware
attacks represents temporal, high-dimensional sparse signals, with limited
records and very imbalanced classes. While traditional deep learning models
have been able to achieve state-of-the-art results in a wide variety of
domains, Bayesian Neural Networks, which are a class of probabilistic models,
are better suited to the issues of the ransomware data. These models combine
ideas from Bayesian statistics with the rich expressive power of neural
networks. In this paper, we propose the Radial Spike and Slab Bayesian Neural
Network, which is a new type of Bayesian Neural network that includes a new
form of the approximate posterior distribution. The model scales well to large
architectures and recovers the sparse structure of target functions. We provide
a theoretical justification for using this type of distribution, as well as a
computationally efficient method to perform variational inference. We
demonstrate the performance of our model on a real dataset of ransomware
attacks and show improvement over a large number of baselines, including
state-of-the-art models such as Neural ODEs (ordinary differential equations).
In addition, we propose to represent low-level events as MITRE ATT\&CK tactics,
techniques, and procedures (TTPs) which allows the model to better generalize
to unseen ransomware attacks. |
| doi_str_mv | 10.48550/arxiv.2205.14759 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2205_14759</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2205_14759</sourcerecordid><originalsourceid>FETCH-LOGICAL-a679-bfddf16028480a6ed7268d6a2b992fd9ab8b9b1f8f6b2955332d395683f333d33</originalsourceid><addsrcrecordid>eNotz81uwjAQBGBfOFTQB-ip-wJJE2_s2EdKfyVEJcg9Wte2ZCUkyE5LeftS6GkOMxrpY-yuLPJKCVE8UPwJ3znnhcjLqhb6hjVbsoF62B1C54AGC7ueDDzSyaVAA2zcVzzXGzcdx9gl8GM8bykmB080EYQBtjSkcX-k6GA5TfTZpQWbeeqTu_3POWtenpvVW7b-eH1fLdcZyVpnxlvrS1lwVamCpLM1l8pK4kZr7q0mo4w2pVdeGq6FQOQWtZAKPSJaxDm7v95eWO0hhj3FU_vHay88_AUXjEow</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks</title><source>arXiv.org</source><creator>Nazarovs, Jurijs ; Stokes, Jack W ; Turcotte, Melissa ; Carroll, Justin ; Grady, Itai</creator><creatorcontrib>Nazarovs, Jurijs ; Stokes, Jack W ; Turcotte, Melissa ; Carroll, Justin ; Grady, Itai</creatorcontrib><description>Ransomware attacks are increasing at an alarming rate, leading to large
financial losses, unrecoverable encrypted data, data leakage, and privacy
concerns. The prompt detection of ransomware attacks is required to minimize
further damage, particularly during the encryption stage. However, the
frequency and structure of the observed ransomware attack data makes this task
difficult to accomplish in practice. The data corresponding to ransomware
attacks represents temporal, high-dimensional sparse signals, with limited
records and very imbalanced classes. While traditional deep learning models
have been able to achieve state-of-the-art results in a wide variety of
domains, Bayesian Neural Networks, which are a class of probabilistic models,
are better suited to the issues of the ransomware data. These models combine
ideas from Bayesian statistics with the rich expressive power of neural
networks. In this paper, we propose the Radial Spike and Slab Bayesian Neural
Network, which is a new type of Bayesian Neural network that includes a new
form of the approximate posterior distribution. The model scales well to large
architectures and recovers the sparse structure of target functions. We provide
a theoretical justification for using this type of distribution, as well as a
computationally efficient method to perform variational inference. We
demonstrate the performance of our model on a real dataset of ransomware
attacks and show improvement over a large number of baselines, including
state-of-the-art models such as Neural ODEs (ordinary differential equations).
In addition, we propose to represent low-level events as MITRE ATT\&CK tactics,
techniques, and procedures (TTPs) which allows the model to better generalize
to unseen ransomware attacks.</description><identifier>DOI: 10.48550/arxiv.2205.14759</identifier><language>eng</language><subject>Computer Science - Cryptography and Security ; Computer Science - Learning</subject><creationdate>2022-05</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,778,883</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2205.14759$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2205.14759$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Nazarovs, Jurijs</creatorcontrib><creatorcontrib>Stokes, Jack W</creatorcontrib><creatorcontrib>Turcotte, Melissa</creatorcontrib><creatorcontrib>Carroll, Justin</creatorcontrib><creatorcontrib>Grady, Itai</creatorcontrib><title>Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks</title><description>Ransomware attacks are increasing at an alarming rate, leading to large
financial losses, unrecoverable encrypted data, data leakage, and privacy
concerns. The prompt detection of ransomware attacks is required to minimize
further damage, particularly during the encryption stage. However, the
frequency and structure of the observed ransomware attack data makes this task
difficult to accomplish in practice. The data corresponding to ransomware
attacks represents temporal, high-dimensional sparse signals, with limited
records and very imbalanced classes. While traditional deep learning models
have been able to achieve state-of-the-art results in a wide variety of
domains, Bayesian Neural Networks, which are a class of probabilistic models,
are better suited to the issues of the ransomware data. These models combine
ideas from Bayesian statistics with the rich expressive power of neural
networks. In this paper, we propose the Radial Spike and Slab Bayesian Neural
Network, which is a new type of Bayesian Neural network that includes a new
form of the approximate posterior distribution. The model scales well to large
architectures and recovers the sparse structure of target functions. We provide
a theoretical justification for using this type of distribution, as well as a
computationally efficient method to perform variational inference. We
demonstrate the performance of our model on a real dataset of ransomware
attacks and show improvement over a large number of baselines, including
state-of-the-art models such as Neural ODEs (ordinary differential equations).
In addition, we propose to represent low-level events as MITRE ATT\&CK tactics,
techniques, and procedures (TTPs) which allows the model to better generalize
to unseen ransomware attacks.</description><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Learning</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotz81uwjAQBGBfOFTQB-ip-wJJE2_s2EdKfyVEJcg9Wte2ZCUkyE5LeftS6GkOMxrpY-yuLPJKCVE8UPwJ3znnhcjLqhb6hjVbsoF62B1C54AGC7ueDDzSyaVAA2zcVzzXGzcdx9gl8GM8bykmB080EYQBtjSkcX-k6GA5TfTZpQWbeeqTu_3POWtenpvVW7b-eH1fLdcZyVpnxlvrS1lwVamCpLM1l8pK4kZr7q0mo4w2pVdeGq6FQOQWtZAKPSJaxDm7v95eWO0hhj3FU_vHay88_AUXjEow</recordid><startdate>20220529</startdate><enddate>20220529</enddate><creator>Nazarovs, Jurijs</creator><creator>Stokes, Jack W</creator><creator>Turcotte, Melissa</creator><creator>Carroll, Justin</creator><creator>Grady, Itai</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20220529</creationdate><title>Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks</title><author>Nazarovs, Jurijs ; Stokes, Jack W ; Turcotte, Melissa ; Carroll, Justin ; Grady, Itai</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a679-bfddf16028480a6ed7268d6a2b992fd9ab8b9b1f8f6b2955332d395683f333d33</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Learning</topic><toplevel>online_resources</toplevel><creatorcontrib>Nazarovs, Jurijs</creatorcontrib><creatorcontrib>Stokes, Jack W</creatorcontrib><creatorcontrib>Turcotte, Melissa</creatorcontrib><creatorcontrib>Carroll, Justin</creatorcontrib><creatorcontrib>Grady, Itai</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Nazarovs, Jurijs</au><au>Stokes, Jack W</au><au>Turcotte, Melissa</au><au>Carroll, Justin</au><au>Grady, Itai</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks</atitle><date>2022-05-29</date><risdate>2022</risdate><abstract>Ransomware attacks are increasing at an alarming rate, leading to large
financial losses, unrecoverable encrypted data, data leakage, and privacy
concerns. The prompt detection of ransomware attacks is required to minimize
further damage, particularly during the encryption stage. However, the
frequency and structure of the observed ransomware attack data makes this task
difficult to accomplish in practice. The data corresponding to ransomware
attacks represents temporal, high-dimensional sparse signals, with limited
records and very imbalanced classes. While traditional deep learning models
have been able to achieve state-of-the-art results in a wide variety of
domains, Bayesian Neural Networks, which are a class of probabilistic models,
are better suited to the issues of the ransomware data. These models combine
ideas from Bayesian statistics with the rich expressive power of neural
networks. In this paper, we propose the Radial Spike and Slab Bayesian Neural
Network, which is a new type of Bayesian Neural network that includes a new
form of the approximate posterior distribution. The model scales well to large
architectures and recovers the sparse structure of target functions. We provide
a theoretical justification for using this type of distribution, as well as a
computationally efficient method to perform variational inference. We
demonstrate the performance of our model on a real dataset of ransomware
attacks and show improvement over a large number of baselines, including
state-of-the-art models such as Neural ODEs (ordinary differential equations).
In addition, we propose to represent low-level events as MITRE ATT\&CK tactics,
techniques, and procedures (TTPs) which allows the model to better generalize
to unseen ransomware attacks.</abstract><doi>10.48550/arxiv.2205.14759</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2205.14759 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2205_14759 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security Computer Science - Learning |
| title | Radial Spike and Slab Bayesian Neural Networks for Sparse Data in Ransomware Attacks |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-16T11%3A40%3A25IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Radial%20Spike%20and%20Slab%20Bayesian%20Neural%20Networks%20for%20Sparse%20Data%20in%20Ransomware%20Attacks&rft.au=Nazarovs,%20Jurijs&rft.date=2022-05-29&rft_id=info:doi/10.48550/arxiv.2205.14759&rft_dat=%3Carxiv_GOX%3E2205_14759%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |