Background: Ransomware attacks are a significant threat to digital informa-tion, and with the increasing adoption of cloud storage services, attackers now targetcloud environments. The existing literature on ransomware detection has primarilyfocused on local environments, and there is a limited body of research on applyingthese approaches to the cloud environment. Objectives: In this thesis, we aim to develop a behavior-based ransomware de-tection system for cloud environments, specifically focusing on Google Drive, usingmachine learning techniques. We will create a dedicated Google Workspace and uti-lize the Google Cloud Platform for developing the anomaly detection classifier. Methods: We will review related work in ransomware detection and machinelearning approaches to select suitable techniques for our research. Our anomaly de-tection classifier will analyze user activities in the cloud, such as file access patternsand permission changes, to detect deviations indicative of ransomware attacks. Results: We will validate our system’s performance by conducting experimentsin our Google Workspace, emulating ransomware attacks, and comparing the classi-fier’s performance against existing techniques. Conclusions: Our thesis aims to contribute a novel, behavior-based detectionsystem for ransomware attacks in cloud environments, advancing the state-of-the-artand providing a scalable solution for various cloud storage providers.Keywords: ransomware detection, cloud environments, behavior-based detec-tion, machine learning, Google Drive.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:bth-24943 |
| Date | January 2023 |
| Creators | Popryho, Yaroslav, Popryho, Leonid |
| Publisher | Blekinge Tekniska Högskola, Institutionen för datavetenskap |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0018 seconds