Multiagent Systems is the title of a collection of papers dedicated to surveying specific themes of Multiagent Systems (MAS) and Distributed Artificial Intelligence (DAI). All of them authored by leading researchers of this dynamic multidisciplinary field.

/pdf/multiagent-systems-a-modern-approach-to-distributed-5fon0donq1.pdf

Multiagent systems: a modern approach to distributed artificial intelligence

A survey on security and privacy of federated learning

Ransomware threat success factors, taxonomy, and countermeasures

The rise of ransomware and emerging security challenges in the Internet of Things

Classification of ransomware families with machine learning based on N-gram of opcodes

Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics

Currently, different forms of ransomware are increasingly threatening Internet users. Modern ransomware encrypts important user data, and it is only possible to recover it once a ransom has been paid. In this article we show how software-defined networking can be utilized to improve ransomware mitigation. In more detail, we analyze the behavior of popular ransomware — CryptoWall — and, based on this knowledge, propose two real-time mitigation methods. Then we describe the design of an SDN-based system, implemented using OpenFlow, that facilitates a timely reaction to this threat, and is a crucial factor in the case of crypto ransomware. What is important is that such a design does not significantly affect overall network performance. Experimental results confirm that the proposed approach is feasible and efficient.

Using Software-Defined Networking for Ransomware Mitigation: The Case of CryptoWall

A recent trend involves exploiting various information-hiding techniques to empower malware-for example, to bypass mobile device security frameworks or to exfiltrate sensitive data. The authors provide an overview of information-hiding techniques that can be utilized by malware. They showcase existing and emerging threats that use different types of data-hiding mechanisms (not just those adopting classical covert channels), with the goal of monitoring these threats and proposing efficient countermeasures.

The New Threats of Information Hiding: The Road Ahead

Cybersecurity education: Evolution of the discipline and analysis of master programs

The paper presents the analysis of the CryptoWall ransomware network behaviour. In this approach a HoneyPot technology as well as the automatic run-time malware analytical system called Maltester were used. We present the practical results of the analyses, technologies and tools used, and the gained experience with dynamic analysis of ransomware software in a dedicated environment. Most of the data was collected with the use of the HoneyPot infrastructure created and deployed in the network of the Institute of Computer Science WUT. Streszczenie. Praca przedstawia analizę zachowania sieciowego złośliwego oprogramowania CryptoWall typu ransomware. W badaniach wykorzystano technologię HoneyPot oraz system automatycznej analizy działania złośliwego oprogramowania w czasie jego wykonywania o nazwie Maltester. Zaprezentowano zarówno uzyskane wyniki analiz, wykorzystane technologie i narzędzia jak i doświadczenia zebrane podczas analizy oprogramowania typu ransomware w autorskim środowisku analitycznym. Większość danych zebrana została z wykorzystaniem infrastruktury HoneyPot stworzonej i wdrożonej w sieci Instytutu Informatyki Politechniki Warszawskiej. (Dynamiczna analiza aktywności sieciowej oprogramowania CryptoWall typu ransomware).

Krzysztof Cabaj

Papers

Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics

Using Software-Defined Networking for Ransomware Mitigation: The Case of CryptoWall

The New Threats of Information Hiding: The Road Ahead

Cybersecurity education: Evolution of the discipline and analysis of master programs

Network activity analysis of CryptoWall ransomware