URL-Based Classification Features in Preventing Ransomware Cyber-Attacks

Abstract

During pandemic COVID-19 outbreaks, the number of ransomware cyber-attacks has increased tremendously. Ransomware often spreads through malicious links or compromised URLS. Such link infects a computer and restricts users’ access until a ransom is paid to unlock it. Nowadays, several ransomware detection techniques have been developed, however these approaches were either unsuccessful or unable to prevent these attacks. One of the downsides is due to the poor detection accuracy and low adaptability to the new variants of ransomware. Another reason behind the unsuccessful ransomware detection solutions is an arbitrary selected URL-based classification features which may produce false results to the detection. The objective of this research is to identify the potential URL-based web characteristics that can be manipulated to infect computers. Therefore, in this paper, twelve (12) potential URL-based web characteristics that can be manipulated to infect computers were analysed. Datasets of 10000 legitimate emails and a number of 3240 phishing emails were examined using heuristic-based model. It is believed that, an ongoing updated ransomware rules and database which is built-on immunological memory of updated URL ransomware features will prevent ransomware attacks with an appropriate countermeasure for prevention and removal.