Keyvan Ansari

In the rapidly evolving field of cybersecurity, ransomware poses an escalating threat; adversaries employ advanced encryption techniques to render critical data inaccessible and evade traditional defenses. Specifically, ransomware developers utilize intricate strategies that undermine heuristic file monitoring and file system attribute analysis, rendering current detection methods ineffective against such attacks. This study tests and analyzes the performance of models that focus on the file system level. The goal is to improve detection by using statistically measurable attributes that are specific to the file system. For instance, statistically measurable data can be derived from the blocks of the write buffer transmitted from endpoints to storage servers. We investigate the effectiveness of various machine learning classifiers in detecting encryption activities at the storage level, using a substantial dataset of 32.6 GB comprising 11,928 files encrypted by 75 ransomware families. We integrate novel statistical components to augment the system’s ability to detect encryption, notwithstanding the adaptive tactics of ransomware that reduce entropy measures and alter call frequencies to evade classification. Our in-depth study looks at these classifiers in the context of ransomware that uses partial and intermittent encryption and online learning methods to make them more flexible in a threat environment that changes quickly. In benchmark tests, the Hoeffding Tree algorithm consistently performs well. It works especially well against types of ransomware that use intermittent encryption methods.

Data from interconnected vehicles may contain sensitive information such as location, driving behavior, personal identifiers, etc. Without adequate safeguards, sharing this data jeopardizes data privacy and system security. The current cen-tralized data-sharing paradigm in these systems raises particular concerns about data privacy. Recognizing these challenges, the shift towards decentralized interactions in technology, as echoed by the principles of Industry 5.0, becomes paramount. This work is closely aligned with these principles, emphasizing decentralized, human-centric, and secure technological interactions in an interconnected vehicular ecosystem. To embody this, we propose a practical approach that merges two emerging technologies: Federated Learning (FL) and Blockchain. The integration of these technologies enables the creation of a decentralized vehicular network. In this setting, vehicles can learn from each other without compromising privacy while also ensuring data integrity and accountability. Initial experiments show that compared to conventional decentralized federated learning techniques, our proposed approach significantly enhances the performance and security of vehicular networks. The system's accuracy stands at 91.92%. While this may appear to be low in comparison to state-of-the-art federated learning models, our work is noteworthy because, unlike others, it was achieved in a malicious vehicle setting. Despite the challenging environment, our method maintains high accuracy, making it a competent solution for preserving data privacy in vehicular networks.