Version 1
: Received: 16 November 2023 / Approved: 20 November 2023 / Online: 21 November 2023 (10:20:15 CET)
How to cite:
Wang, F. A Few-Shot Learning Approach with a Twin Neural Network Utilizing Entropy Features for Ransomware Classification. Preprints2023, 2023111286. https://doi.org/10.20944/preprints202311.1286.v1
Wang, F. A Few-Shot Learning Approach with a Twin Neural Network Utilizing Entropy Features for Ransomware Classification. Preprints 2023, 2023111286. https://doi.org/10.20944/preprints202311.1286.v1
Wang, F. A Few-Shot Learning Approach with a Twin Neural Network Utilizing Entropy Features for Ransomware Classification. Preprints2023, 2023111286. https://doi.org/10.20944/preprints202311.1286.v1
APA Style
Wang, F. (2023). A Few-Shot Learning Approach with a Twin Neural Network Utilizing Entropy Features for Ransomware Classification. Preprints. https://doi.org/10.20944/preprints202311.1286.v1
Chicago/Turabian Style
Wang, F. 2023 "A Few-Shot Learning Approach with a Twin Neural Network Utilizing Entropy Features for Ransomware Classification" Preprints. https://doi.org/10.20944/preprints202311.1286.v1
Abstract
Ransomware attacks have rapidly proliferated, inflicting severe financial damages on businesses and individuals. Machine learning approaches to automate ransomware detection have shown promise but grapple with challenges like limited training data. This study introduces a novel deep learning model for few-shot ransomware classification. The model employs entropy features derived directly from malware binaries coupled with a twin neural network architecture utilizing transfer learning. Tests on over 1000 samples across 11 families demonstrate a weighted F1-score of 85.8\%, surpassing existing methods. The approach mitigates biases in limited training data and preserves intricacies lost in image-based features. It exhibits precise classification capabilities even with sparse samples of new ransomware variants. The research highlights the potential of entropy-driven deep learning to equip defenses against emerging zero-day ransomware strains.
Keywords
ransomware; malware classification; deep learning; few-shot learning; entropy features; transfer learning
Subject
Computer Science and Mathematics, Artificial Intelligence and Machine Learning
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.