Hugo BOURREAU (PhD Student)
Contact
You can reach me at hugo.bourreau@imt-atlantique.fr.
My research
My publications
2020
Moussaileb, Routa; Cuppens, Nora; Lanet, Jean Louis; Bouder, Hélène Le
Ransomware Network Traffic Analysis for Pre-encryption Alert Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12056 LNCS, pp. 20–38, 2020, ISSN: 16113349.
Tags: Machine learning, Network traffic, Ransomware
@article{Moussaileb2020,
title = {Ransomware Network Traffic Analysis for Pre-encryption Alert},
author = {Routa Moussaileb and Nora Cuppens and Jean Louis Lanet and H\'{e}l\`{e}ne Le Bouder},
doi = {10.1007/978-3-030-45371-8_2},
issn = {16113349},
year = {2020},
date = {2020-01-01},
journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
volume = {12056 LNCS},
pages = {20--38},
abstract = {Cyber Security researchers are in an ongoing battle against ransomware attacks. Some exploits begin with social engineering methods to install payloads on victims' computers, followed by a communication with command and control servers for data exchange. To scale down these attacks, scientists should shed light on the danger of those rising intrusions to prevent permanent data loss. To join this arm race against malware, we propose in this paper an analysis of various ransomware families based on the collected system and network logs from a computer. We delve into malicious network traffic generated by these samples to perform a packet level detection. Our goal is to reconstruct ransomware's full activity to check if its network communication is distinguishable from benign traffic. Then, we examine if the first packet sent occurs before data's encryption to alert the administrators or afterwards. We aim to define the first occurrence of the alert raised by malicious network traffic and where it takes place in a ransomware workflow. Logs collected are available at http://serveur2.seres.rennes.telecom-bretagne.eu/data/RansomwareData/.},
keywords = {Machine learning, Network traffic, Ransomware},
pubstate = {published},
tppubtype = {article}
}
2019
Pahl, Marc Oliver; Liebald, Stefan; Wustrich, Lars
Machine-learning based IoT data caching Journal Article
In: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019, pp. 9–12, 2019, ISBN: 9783903176157.
Tags: Caching, Data-centric, Internet of Things, Machine learning
@article{Pahl2019b,
title = {Machine-learning based IoT data caching},
author = {Marc Oliver Pahl and Stefan Liebald and Lars Wustrich},
isbn = {9783903176157},
year = {2019},
date = {2019-01-01},
journal = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019},
pages = {9--12},
abstract = {The Internet of Things (IoT) continuously produces big amounts of data. Data-centric middleware can therefore help reducing the complexity when orchestrating distributed Things. With its heterogeneity and resource limitations, IoT applications can lack performance, scalability, or resilience. Caching can help overcoming the limitations. We are currently working on establishing data caching within IoT middleware. The paper presents fundamentals of caching, major challenges, relevant state of the art, and a description of our current approaches. We show directions of using machine learning for caching in the IoT.},
keywords = {Caching, Data-centric, Internet of Things, Machine learning},
pubstate = {published},
tppubtype = {article}
}