|
[1] R. Jacobson, “2.5 quintillion bytes of data created every day. how does cpg & retail manage it,” IBM, 2013.
[2] M. Mohri, A. Rostamizadeh, and A. Talwalkar, Foundations of machine learning. MIT press, 2018.
[3] I. Anagnostopoulos, S. Zeadally, and E. Exposito, “Handling big data: research challenges and future directions,” The Journal of Supercomputing, vol. 72, no. 4, pp. 1494–1516, 2016.
[4] K. Wadhwani and D. Y. Wang, “Big data challenges and solutions,” tech. rep., Technical report, 2017.
[5] M. Satyanarayanan, “The emergence of edge computing,” Computer, vol. 50, no. 1, pp. 30–39, 2017.
[6] N. Tran and D. A. Reed, “Automatic arima time series modeling for adaptive i/o prefetching,” IEEE Transactions on parallel and distributed systems, vol. 15, no. 4, pp. 362–377, 2004.
[7] K. J. Nesbit and J. E. Smith, “Data cache prefetching using a global history buffer,”in 10th International Symposium on High Performance Computer Architecture (HPCA’04), pp. 96–96, IEEE, 2004.
[8] Y. Chen, S. Byna, and X.-H. Sun, “Data access history cache and associated data prefetching mechanisms,” in SC’07: Proceedings of the 2007 ACM/IEEE Conference on Supercomputing, pp. 1–12, IEEE, 2007.
[9] Z. Li, Z. Chen, S.M. Srinivasan, and Y. Zhou, “C-miner: Mining block correlations in storage systems.,” in FAST, vol. 4, pp. 173–186, 2004.
[10] M. Saxena and M. M. Swift, “Flashvm: Virtual memory management on flash.,” in
USENIX Annual Technical Conference, 2010.
[11] Gartner, “Gartner says worldwide business intelligence and analytics market to
reach $18.3 billion in 2017,” 2017.
[12] C. Ventures, “Global cybercrime damages predicted to reach $6 trillion annually
by 2021,” 2019. https://cybersecurityventures.com/
cybercrime-damages-6-trillion-by-2021.
[13] Emsisoft-lab, “The state of ransomware in the us: Report and statistics
2019,” Jan 2020. https://blog.emsisoft.com/en/34822/
the-state-of-ransomware-in-the-us-report-and-statistics-2019/.
[14] Sophos-lab, “The state of endpoint security today,” Jan 2018.
[15] M. I. Jordan and T. M. Mitchell, “Machine learning: Trends, perspectives, and
prospects,” Science, vol. 349, no. 6245, pp. 255–260, 2015.
[16] AV-TEST, “Malware statistics and trends report: Av-test,” Mar 2020. https://www.av-test.org/en/statistics.
[17] D. R.-J. G.-J. Rydning, “The digitization of the world from edge to core,” Framingham:
International Data Corporation, 2018.
[18] I. Goodfellow, Y. Bengio, and A. Courville, Deep learning. MIT press, 2016.
[19] M. Bakhshalipour, S. Tabaeiaghdaei, P. Lotfi-Kamran, and H. Sarbazi-Azad, “Evaluation
of hardware data prefetchers on server processors,” ACM Computing Surveys
(CSUR), vol. 52, no. 3, pp. 1–29, 2019.
[20] D. Callahan, K. Kennedy, and A. Porterfield, “Software prefetching,” ACM
SIGARCH Computer Architecture News, vol. 19, no. 2, pp. 40–52, 1991.
[21] C.-K. Luk and T. C. Mowry, “Compiler-based prefetching for recursive data structures,”
in Proceedings of the seventh international conference on Architectural support
for programming languages and operating systems, pp. 222–233, 1996.
[22] D. Joseph and D. Grunwald, “Prefetching usingmarkov predictors,” in Proceedings
of the 24th annual international symposium on Computer architecture, pp. 252–
263, 1997.
[23] W. Anacker and C. P. Wang, “Performance evaluation of computing systems with
memory hierarchies,” IEEE Transactions on Electronic Computers, no. 6, pp. 764–
773, 1967.
[24] T.-F. Chen and J.-L. Baer, “Effective hardware-based data prefetching for highperformance
processors,” IEEE transactions on computers, vol. 44, no. 5, pp. 609–
623, 1995.
[25] J. W. Fu, J. H. Patel, and B. L. Janssens, “Stride directed prefetching in scalar
processors,” ACM SIGMICRO Newsletter, vol. 23, no. 1-2, pp. 102–110, 1992.
[26] X. Dong, “Critical-word-first ordering of cache memory fills to accelerate cache
memory accesses, and related processor-based systems and methods,” Sept. 11
2014. US Patent App. 13/925,874.
[27] A.-R. Adl-Tabatabai, A. M. Ghuloum, and S. O. Kanaujia, “Compression in cache
design,” in Proceedings of the 21st annual international conference on Supercomputing,
pp. 190–201, 2007.
[28] S. Belayneh and D. R. Kaeli, “A discussion on non-blocking/lockup-free caches,”
ACM SIGARCH Computer Architecture News, vol. 24, no. 3, pp. 18–25, 1996.
[29] C.-Y. Liu, J. B. Kotra, M. Jung, M. T. Kandemir, and C. R. Das, “Soml read:
Rethinking the read operation granularity of 3d nand ssds,” in Proceedings of the
Twenty-Fourth International Conference on Architectural Support for Programming
Languages and Operating Systems, pp. 955–969, 2019.
[30] J. Jhin, H. Kim, and D. Shin, “Optimizing host-level flash translation layer with
considering storage stack of host systems,” in Proceedings of the 12th International
Conference on Ubiquitous InformationManagement and Communication, pp. 1–4,
2018.
[31] H. Shim, B.-K. Seo, J.-S. Kim, and S. Maeng, “An adaptive partitioning scheme
for dram-based cache in solid state drives,” in 2010 IEEE 26th Symposium on Mass
Storage Systems and Technologies (MSST), pp. 1–12, IEEE, 2010.
[32] J. Liao, F. Trahay, B. Gerofi, and Y. Ishikawa, “Prefetching on storage servers
through mining access patterns on blocks,” IEEE Transactions on Parallel and
Distributed Systems, vol. 27, no. 9, pp. 2698–2710, 2015.
[33] C.-F. Wu, Y.-H. Chang, M.-C. Yang, and T.-W. Kuo, “Joint management of cpu
and nvdimm for breaking down the great memory wall,” IEEE Transactions on
Computers, 2020.
[34] E. A. Shriver, C. Small, and K. A. Smith, “Why does file system prefetching
work?,” in USENIX Annual Technical Conference, General Track, pp. 71–84, 1999.
[35] Sophos-lab, “A sophoslabs white paper 2019,” 2019. https://www.
sophos.com/en-us/medialibrary/PDFs/technical-papers/
sophoslabs-ransomware-behavior-report.pdf.
[36] J. S. Aidan, H. K. Verma, and L. K. Awasthi, “Comprehensive survey on petya ransomware
attack,” in 2017 International Conference on Next Generation Computing
and Information Systems (ICNGCIS), pp. 122–125, IEEE, 2017.
[37] S. Sjouwerman, “Ransomware attacks costs nearly triple in 2019 to over $36k per
attack.” https://blog.knowbe4.com.
[38] Sophos-lab, “the state of endpoint security,” 2018. https://www.sophos.
com/en-us/medialibrary/Gated-Assets/white-papers/
endpoint-survey-report.pdf.
[39] E. M. Hutchins, M. J. Cloppert, R. M. Amin, et al., “Intelligence-driven computer
network defense informed by analysis of adversary campaigns and intrusion kill
chains,” Leading Issues in Information Warfare & Security Research, vol. 1, p. 80,
2011.
[40] SentinelOne, “Autonomous ai endpoint security platform.” https://www.
sentinelone.com/.
[41] S. N. Narayanan, A. Ganesan, K. Joshi, T. Oates, A. Joshi, and T. Finin, “Early
detection of cybersecurity threats using collaborative cognition,” in 2018 IEEE 4th
international conference on collaboration and internet computing (CIC), pp. 354–
363, IEEE, 2018.
[42] R. Brewer, “Ransomware attacks: detection, prevention and cure,” Network Security,
vol. 2016, no. 9, pp. 5–9, 2016.
[43] S. Homayoun, A. Dehghantanha, M. Ahmadzadeh, S. Hashemi, and R. Khayami,
“Know abnormal, find evil: frequent pattern mining for ransomware threat hunting
and intelligence,” IEEE transactions on emerging topics in computing, 2017.
[44] D. Gonzalez and T. Hayajneh, “Detection and prevention of crypto-ransomware,”
in 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication
Conference (UEMCON), pp. 472–478, IEEE, 2017.
[45] A. Kharaz, S. Arshad, C. Mulliner, W. Robertson, and E. Kirda, “Unveil: A largescale,
automated approach to detecting ransomware,” in 25th USENIX Security
Symposium, pp. 757–772, 2016.
[46] J. Demme, M. Maycock, J. Schmitz, A. Tang, A. Waksman, S. Sethumadhavan,
and S. Stolfo, “On the feasibility of online malware detection with performance
counters,” ACM SIGARCH Computer Architecture News, vol. 41, no. 3, pp. 559–
570, 2013.
[47] M. Alam, S. Bhattacharya, S. Dutta, S. Sinha, D. Mukhopadhyay, and A. Chattopadhyay,
“Ratafia: Ransomware analysis using time and frequency informed autoencoders,”
in 2019 IEEE International Symposium on Hardware Oriented Security
and Trust (HOST), pp. 218–227, 2019.
[48] A. Gharib and A. Ghorbani, “Dna-droid: A real-time android ransomware detection
framework,” in International Conference on Network and System Security, pp. 184–198, Springer, 2017.
[49] J. Chen, C. Wang, Z. Zhao, K. Chen, R. Du, and G.-J. Ahn, “Uncovering the face
of android ransomware: Characterization and real-time detection,” IEEE Transactions
on Information Forensics and Security, vol. 13, no. 5, pp. 1286–1300, 2017.
[50] N. Scaife, H. Carter, P. Traynor, and K. R. Butler, “Cryptolock (and drop it): stopping
ransomware attacks on user data,” in 2016 IEEE 36th International Conference
on Distributed Computing Systems (ICDCS), pp. 303–312, IEEE, 2016.
[51] X. Wang, S. Chai, M. Isnardi, S. Lim, and R. Karri, “Hardware performance
counter-based malware identification and detection with adaptive compressive
sensing,” ACM Transactions on Architecture and Code Optimization (TACO),
vol. 13, no. 1, p. 3, 2016.
[52] M. Kazdagli, V. J. Reddi, andM. Tiwari, “Quantifying and improving the efficiency
of hardware-based mobile malware detectors,” in The 49th Annual IEEE/ACM International
Symposium on Microarchitecture, p. 37, IEEE Press, 2016.
[53] A. Tang, S. Sethumadhavan, and S. J. Stolfo, “Unsupervised anomaly-based malware
detection using hardware features,” in International Workshop on Recent Advances
in Intrusion Detection, pp. 109–129, Springer, 2014.
[54] M. Loman, “A sophoslabs white paper: How ransomware
attacks,” 2019. https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/sophoslabs-ransomware-behavior-report.pdf.
[55] F. De Gaspari, D. Hitaj, G. Pagnotta, L. De Carli, and L. V. Mancini, “The naked
sun: Malicious cooperation between benign-looking processes,” arXiv preprint
arXiv:1911.02423, 2019.
[56] L. F. Dias andM. Correia, “Big data analytics for intrusion detection: an overview,”
in Handbook of Research on Machine and Deep Learning Applications for Cyber
Security, pp. 292–316, IGI Global, 2020.
[57] P. A. Savenkov and A. N. Ivutin, “Methods ofmachine learning in system abnormal
behavior detection,” in International Conference on Swarm Intelligence, pp. 495–
505, Springer, 2020.
[58] C. Stoll, The cuckoo’s egg: tracking a spy through the maze of computer espionage.
Simon and Schuster, 2005.
[59] J. Lee, J. Lee, and J. Hong, “How to make efficient decoy files for ransomware detection?,” in Proceedings of the International Conference on Research in Adaptive
and Convergent Systems, pp. 208–212, 2017.
[60] J. G´omez-Hern´andez, L. ´Alvarez-Gonz´alez, and P. Garc´ıa-Teodoro, “R-locker:
Thwarting ransomware action through a honeyfile-based approach,” Computers &
Security, vol. 73, pp. 389–398, 2018.
[61] W. Data, “Cryptostopper (2018),” https://www.watchpointdata.com/
cryptostopper.
[62] S. Mehnaz, A. Mudgerikar, and E. Bertino, “Rwguard: A real-time detection system
against cryptographic ransomware,” in International Symposium on Research
in Attacks, Intrusions, and Defenses, pp. 114–136, Springer, 2018.
[63] B. Heater, “How ransomware conquered the world,” PC Magazine Digital Edition,
pp. 109–118, 2016.
[64] E. Alpaydin, Introduction to machine learning. MIT press, 2020.
[65] N. J. Nilsson, “Introduction to machine learning: An early draft of a proposed
textbook,” 1996.
[66] J. Vamathevan, D. Clark, P. Czodrowski, I. Dunham, E. Ferran, G. Lee, B. Li,
A. Madabhushi, P. Shah, M. Spitzer, et al., “Applications of machine learning
in drug discovery and development,” Nature Reviews Drug Discovery, vol. 18,
pp. 463–477, 2019.
[67] M. Bojarski, D. Del Testa, D. Dworakowski, B. Firner, B. Flepp, P. Goyal, L. D.
Jackel,M.Monfort, U.Muller, J. Zhang, et al., “End to end learning for self-driving
cars,” arXiv preprint arXiv:1604.07316, 2016.
[68] K. He, X. Zhang, S. Ren, and J. Sun, “Delving deep into rectifiers: Surpassing
human-level performance on imagenet classification,” in Proceedings of the IEEE
international conference on computer vision, pp. 1026–1034, 2015.
[69] G. Apruzzese, M. Colajanni, L. Ferretti, A. Guido, and M. Marchetti, “On the
effectiveness of machine and deep learning for cyber security,” in 2018 10th International
Conference on Cyber Conflict (CyCon), pp. 371–390, IEEE, 2018.
[70] C. Gao, M. Ye, Q. Li, C. J. Xue, Y. Zhang, L. Shi, and J. Yang, “Constructing
large, durable and fast ssd system via reprogramming 3d tlc flash memory,” in
Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture,
pp. 493–505, 2019.
[71] “Msr cambridge traces kernel description.” http://iotta.snia.org/
tracetypes/3. Accessed: 2019-02-15.
[72] Y.-H. Chang, J.-W. Hsieh, and T.-W. Kuo, “Endurance enhancement of flashmemory
storage, systems: An efficient static wear leveling design,” in 2007 44th
ACM/IEEE Design Automation Conference, pp. 212–217, IEEE, 2007.
[73] Y.-H. Chang, J.-W. Hsieh, and T.-W. Kuo, “Improving flash wear leveling by proactivelymoving static data,” IEEE Transactions on Computers, vol. 59, no. 1, pp. 53–
65, 2009.
[74] M.-C. Yang, Y.-H. Chang, C.-W. Tsao, and P.-C. Huang, “New era: New efficient
reliability-aware wear leveling for endurance enhancement of flash storage
devices,” in 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC),
pp. 1–6, IEEE, 2013.
[75] R. Jozefowicz, W. Zaremba, and I. Sutskever, “An empirical exploration of recurrent
network architectures,” in International Conference on Machine Learning,
pp. 2342–2350, 2015.
[76] I. Sutskever, O. Vinyals, and Q. V. Le, “Sequence to sequence learning with neural
networks,” in Advances in neural information processing systems, pp. 3104–3112,2014.
[77] B. Hammer, “On the approximation capability of recurrent neural networks,” Neurocomputing, vol. 31, no. 1-4, pp. 107–123, 2000.
[78] X. Rong, “word2vec parameter learning explained,” arXiv preprint
arXiv:1411.2738, 2014.
[79] J. Mao, W. Xu, Y. Yang, J. Wang, Z. Huang, and A. Yuille, “Deep captioning with
multimodal recurrent neural networks (m-rnn),” arXiv preprint arXiv:1412.6632,
2014.
[80] M. Artetxe, G. Labaka, E. Agirre, and K. Cho, “Unsupervised neural machine
translation,” arXiv preprint arXiv:1710.11041, 2017.
[81] S. Hochreiter and J. Schmidhuber, “Long short-term memory,” Neural computation,
vol. 9, no. 8, pp. 1735–1780, 1997.
[82] Z. Zhang and M. Sabuncu, “Generalized cross entropy loss for training deep neural
networks with noisy labels,” in Advances in neural information processing systems,
pp. 8778–8788, 2018.
[83] D. P. Kingma and J. Ba, “Adam: A method for stochastic optimization,” arXiv
preprint arXiv:1412.6980, 2014.
[84] N. Srivastava, G. Hinton, A. Krizhevsky, I. Sutskever, and R. Salakhutdinov,
“Dropout: a simple way to prevent neural networks from overfitting,” The journal
of machine learning research, vol. 15, no. 1, pp. 1929–1958, 2014.
[85] K. Shah, A. Mitra, and D. Matani, “An o (1) algorithm for implementing the lfu
cache eviction scheme,” vol. 1, pp. 1–8, 2010.
[86] J. Lee, H. Kim, and R. Vuduc, “When prefetching works, when it doesn’t, and
why,” ACM Transactions on Architecture and Code Optimization (TACO), vol. 9,
no. 1, p. 2, 2012.
[87] J. Liao and S. Chen, “Optimization of reading data via classified block access patterns
in file systems,” IEEE Access, vol. 4, pp. 9421–9427, 2016.
[88] G. C. Cawley and N. L. Talbot, “On over-fitting in model selection and subsequent
selection bias in performance evaluation,” Journal of Machine Learning Research,
vol. 11, no. Jul, pp. 2079–2107, 2010.
[89] I. J. Brekke, L. H. Puntervoll, P. B. Pedersen, J. Kellett, and M. Brabrand, “The
value of vital sign trends in predicting and monitoring clinical deterioration: A
systematic review,” PloS one, vol. 14, no. 1, p. e0210875, 2019.
[90] N. Herath and A. Fogh, “Cpu hardware performance counters for security. blackhat
usa 2015 briefing.(2015),” 2015.
[91] A. C. De Melo, “The new linux perf’tools,” in Slides from Linux Kongress, vol. 18, 2010.
[92] M. R. Lopez, “Lockergoga ransomware family used in targeted attacks,” 2019.
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/lockergoga-ransomware-family-used-in-targeted-attacks/.
[93] S. Salvador and P. Chan, “Toward accurate dynamic time warping in linear time
and space,” Intelligent Data Analysis, vol. 11, no. 5, pp. 561–580, 2007.
[94] L. Nanni, S. Ghidoni, and S. Brahnam, “Handcrafted vs. non-handcrafted features
for computer vision classification,” Pattern Recognition, vol. 71, pp. 158–172, 2017.
[95] R. H. Hahnloser, R. Sarpeshkar, M. A. Mahowald, R. J. Douglas, and H. S. Seung,
“Digital selection and analogue amplification coexist in a cortex-inspired silicon
circuit,” Nature, vol. 405, no. 6789, p. 947, 2000.
[96] S. Ioffe and C. Szegedy, “Batch normalization: Accelerating deep network training
by reducing internal covariate shift,” arXiv preprint arXiv:1502.03167, 2015.
[97] W. Liu, Y.Wen, Z. Yu, andM. Yang, “Large-margin softmax loss for convolutional
neural networks.,” in ICML, vol. 2, p. 7, 2016.
[98] J.-M. Roberts, “Virus share.(2011),” 2011. https://virusshare.com.
[99] E. Berrueta, D.Morato, E.Maga˜na, andM. Izal, “A survey on detection techniques
for cryptographic ransomware,” IEEE Access, vol. 7, pp. 144925–144944, 2019.
[100] S. Garfinkel, P. Farrell, V. Roussev, and G. Dinolt, “Bringing science to digital
forensics with standardized forensic corpora,” digital investigation, vol. 6, pp. S2–
S11, 2009.
[101] L. Fernandez Maimo, A. Huertas Celdran, A. L. Perales Gomez, G. Clemente,
J. F´elix, J.Weimer, and I. Lee, “Intelligent and dynamic ransomware spread detection
and mitigation in integrated clinical environments,” Sensors, vol. 19, p. 1114, 2019.
[102] A. Fisher, C. Rudin, and F. Dominici, “All models are wrong but many are useful:
Variable importance for black-box, proprietary, or misspecified prediction models,
using model class reliance,” arXiv preprint arXiv:1801.01489, 2018.
[103] “29 must-know cybersecurity statistics for 2020,” Mar 2020. https://www.cyber-observer.com/cyber-news-29-statistics-for-2020-cyber-observer.
[104] “Coronavirus ransomware,” Mar 2020. https://www.cyberark.com/threat-research-blog/coronavirus-ransomware/.
[105] T. Holt, The deceivers: Allied military deception in the Second World War. Simon
and Schuster, 2010.
[106] G. Hull, H. John, and B. Arief, “Ransomware deployment methods and analysis:
views from a predictive model and human responses,” Crime Science, vol. 8, p. 2,
2019.
[107] Sophos, “Sophos lab security threat report.,” 2020. https://www.sophos.
com/en-us/labs/security-threat-report.aspx.
[108] S. Kumar et al., “An emerging threat fileless malware: a survey and research challenges,” Cybersecurity, vol. 3, no. 1, pp. 1–12, 2020.
[109] “Black ruby: Combining ransomware and coin miner malware,” 2019. https://www.acronis.com/en-us/blog/posts/black-ruby-combining-ransomware-and-coin-miner-malware.
[110] E. Bisong, “Introduction to scikit-learn,” in Building Machine Learning and Deep
Learning Models on Google Cloud Platform, pp. 215–229, Springer, 2019.
[111] A. van Wyk, “Encoding cyclical features for deep learning,” 2018.
[112] T. Ronan, Z. Qi, and K. M. Naegle, “Avoiding common pitfalls when clustering
biological data,” Science signaling, vol. 9, pp. re6–re6, 2016.
[113] Y. Xu, D. Zhang, and J.-Y. Yang, “A feature extractionmethod for use with bimodal
biometrics,” Pattern recognition, vol. 43, pp. 1106–1115, 2010.
[114] L. Zhang, R. Lukac, X. Wu, and D. Zhang, “Pca-based spatially adaptive denoising
of cfa images for single-sensor digital cameras,” IEEE transactions on image
processing, vol. 18, pp. 797–812, 2009.
[115] H. Ashtiani, S. Kushagra, and S. Ben-David, “Clustering with same-cluster
queries,” in Advances in neural information processing systems, pp. 3216–3224, 2016.
[116] B. J. Frey and D. Dueck, “Clustering by passing messages between data points,”
science, vol. 315, pp. 972–976, 2007.
[117] Kaspersky-lab, “Ransomware 2018-2020,” May 2020. https:
//media.kasperskycontenthub.com/wp-content/
uploads/sites/100/2020/05/12075747/KSN-article_Ransomware-in-2018-2020-1.pdf.
[118] N. Coldwell, “Comparison of audio compression.” http://nigelcoldwell.
co.uk/audio/index.htm.
[119] Z. A. Genc¸, G. Lenzini, and D. Sgandurra, “On deception-based protection against
cryptographic ransomware,” in International Conference on Detection of Intrusions
and Malware, and Vulnerability Assessment, pp. 219–239, Springer, 2019.
[120] C. H. Malin, E. Casey, and J. M. Aquilina, Malware forensics field guide for Windows
Systems: Digital forensics field guides. Elsevier, 2012. |
