Defense of a Master’s Thesis by Hamdi Abu Helow in the Cyber Security Program | ARAB AMERICAN UNIVERSITY


Defense of a Master’s Thesis by Hamdi Abu Helow in the Cyber Security Program

Wednesday, April 3, 2024

Researcher Hamdi Yasser Abu Helow, a student in the Master’s Program in Cyber Security, has defended his thesis titled “Detection and Prediction of Ransomware Based on Network Behavior Using Machine Learning”.

Using the Internet has become a daily activity that people carry out easily through many kinds of devices, such as desktop and laptop computers, mobile phones, and many home devices. This widespread use has led to a significant increase in various electronic attacks, perhaps the most famous and dangerous of which are ransomware viruses. The danger of these viruses lies in the targets they seek to attack: they are not limited to ordinary people, but also attack hospitals, private and government institutions, companies, educational institutions, and many other targets. As a result, ransomware has become one of the most dangerous cyber-attacks of the past few years.

Past studies have produced fairly effective tools. Some relied on analyzing the behavior of the infected device by monitoring some of the processes used by the ransomware virus, while others relied on network behavior by monitoring and analyzing a specific protocol that the ransomware virus uses. Because the strategy used by this type of virus changes constantly, detecting it has become a major challenge for cyber security experts.

This research focused on an in-depth analysis of the behavior of the ransomware virus across the network and on a hybrid analysis of a set of protocols, with the results used by machine learning algorithms. A test platform consisting of 3 devices was configured to extract network data for 145 samples belonging to four well-known families. This data was used to test three algorithms for detecting ransomware, and the best algorithm detected ransomware and determined its type with 93% accuracy in 3.7 seconds.

The thesis was supervised by Dr. Mohammed Hamarsheh. The committee of examiners included Dr. Ahmad Awad and Dr. Hudayfa Al Ashqar.