Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

정적 특징 기반 랜섬웨어 탐지를 위한 특징 중요도 알고리즘 비교 및 특징 선정 연구

Full metadata record
DC Field Value Language
dc.contributor.author전혜민-
dc.contributor.author최두섭-
dc.contributor.author임을규-
dc.date.accessioned2026-03-25T05:31:58Z-
dc.date.available2026-03-25T05:31:58Z-
dc.date.issued2025-08-
dc.identifier.issn3022-7011-
dc.identifier.issn3022-7011-
dc.identifier.urihttps://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/211571-
dc.description.abstract본 논문에서는 랜섬웨어 PE 파일 헤더 정보, 섹션 크기, 가상 메모리 크기 등 54개의 정적 특징을 추출하여 Gain Ratio, Information Gain, Gini Importance, Mutual Information 네 가지 알고리즘으로 중요도를 평가하고, 각 알고리즘 상위 K값에 해당하는 특징 집합을 구성해 Random Forest, Decision Tree, Support Vector Machine, Multi-Layer Perceptron 네 가지 분류 모델을 학습·검증하였다. 실험 결과, RF 모델이 Gain Ratio 기반 K=0.01에서 41개 특징으로 99.33%의 최고 정확도를 달성했으며, DT(98.67%), SVM(96.67%), MLP(98.75%) 등 모든 모델이 96% 이상의 성능을 보였다. 이를 통해 특징 수 조정으로 학습 자원을 적게 사용하면서 높은 탐지 정확도를 확인하였다.-
dc.description.abstractIn this paper, we extract 54 static features from ransomware PE files-including header metadata, section sizes, and virtual memory sizes-and evaluate their importance using four algorithms: Gain Ratio, Information Gain, Gini Importance, and Mutual Information. For each algorithm, we select the top-K features to form a reduced feature set, which is then used to train and validate four classification models: Random Forest, Decision Tree, Support Vector Machine, and Multi-Layer Perceptron. Experimental results show that the Random Forest model, using 41 features selected by a Gain Ratio threshold of K = 0.01, achieves the highest accuracy of 99.33%. The Decision Tree, SVM, and MLP models also demonstrate strong performance with accuracies of 98.67%, 96.67%, and 98.75%, respectively. These findings confirm that careful feature selection can substantially reduce computational costs while maintaining high detection accuracy.-
dc.format.extent12-
dc.language한국어-
dc.language.isoKOR-
dc.publisher한국정보처리학회-
dc.title정적 특징 기반 랜섬웨어 탐지를 위한 특징 중요도 알고리즘 비교 및 특징 선정 연구-
dc.title.alternativeA Comparative Study of Feature Importance Algorithms and Feature Selection for Static Feature-Based Ransomware Detection-
dc.typeArticle-
dc.publisher.location대한민국-
dc.identifier.doi10.3745/TKIPS.2025.14.8.576-
dc.identifier.bibliographicCitation정보처리학회 논문지, v.14, no.8, pp 576 - 587-
dc.citation.title정보처리학회 논문지-
dc.citation.volume14-
dc.citation.number8-
dc.citation.startPage576-
dc.citation.endPage587-
dc.type.docTypeY-
dc.identifier.kciidART003234372-
dc.description.isOpenAccessY-
dc.description.journalRegisteredClasskci-
dc.subject.keywordAuthor랜섬웨어-
dc.subject.keywordAuthor특징 중요도-
dc.subject.keywordAuthor정적 특징-
dc.subject.keywordAuthor머신러닝-
dc.subject.keywordAuthorRansomware-
dc.subject.keywordAuthorFeature Importance-
dc.subject.keywordAuthorStatic Feature-
dc.subject.keywordAuthorMachine Learning-
dc.identifier.urlhttps://koreascience.or.kr/article/JAKO202524857637014.page-
Files in This Item
Go to Link
Appears in
Collections
서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Im, Eul Gyu photo

Im, Eul Gyu
COLLEGE OF ENGINEERING (SCHOOL OF COMPUTER SCIENCE)
Read more

Altmetrics

Total Views & Downloads

BROWSE