3 research outputs found

    A Game Theoretic Approach to Modelling Jamming Attacks in Delay Tolerant Networks

    Cyberspace plays a prominent role in our social, economic and civic welfare, and cyber security issues are of paramount importance today. Growing reliance of the intertwined military and civilian applications on wireless computer networks makes these networks highly vulnerable to attacks, of which jamming attacks are a vital and exigent problem. In this paper, we study defence against jamming attacks as a game in a delay tolerant network, with two adversarial players: the jammer playing against the transmitter. The transmitters seek to choose an optimal time to schedule their transmissions securely, so as to maximize the probability of successful delivery before their sessions expire, while these transmissions are subject to inference from the jammer, who attempts to minimize this probability. We design strategies for the transmitters that offset transmission-period-based inference of network traffic by the jammer. We model these interactions and decisions as a game and use simulation as a tool to evaluate the games. Probability distribution functions over a finite set of strategies are proposed to compute the expected payoff of both the players. Simulation results are used to evaluate the expected payoff along with the resulting equilibrium in cases where players are biased and unbiased. These results are used to strategically decide on the optimal time for both the players, and evaluate the efficiency of the strategies used by the transmitters against jammer attacks.

    A fine-tuning of decision tree classifier for ransomware detection based on memory data

    Ransomware has evolved into a pervasive and extremely disruptive cybersecurity threat, causing substantial operational and financial damage to individuals and businesses. This article explores the critical domain of Ransomware detection and employs Machine Learning (ML) classifiers, particularly Decision Tree (DT), for Ransomware detection. The article also delves into the usefulness of DT in identifying Ransomware attacks, leveraging the innate ability of DT to recognize complex patterns within datasets. Instead of merely introducing DT as a detection method, we adopt a comprehensive approach, emphasizing the importance of fine-tuning DT hyperparameters. The optimization of these parameters is essential for maximizing the DT capability to identify Ransomware threats accurately. The obfuscated-MalMem2022 dataset, which is well-known for its extensive and challenging Ransomware-related data, was utilized to evaluate the effectiveness of DT in detecting Ransomware. The implementation uses the versatile Python programming language, renowned for its efficiency and adaptability in data analysis and ML tasks. Notably, the DT classifier consistently outperforms other classifiers in Ransomware detection, including K-Nearest Neighbors, Gradient Boosting Tree, Naive Bayes, and Linear Support Vector Classifier. For instance, the DT demonstrated exceptional effectiveness in distinguishing between Ransomware and benign data, as evidenced by its remarkable accuracy of 99.97%.