Development of a Method for Investigating Cybercrimes by the Type of Ransomware Using Artificial Intelligence Models in the Information Security Management System of Critical Infrastructure

2024; pp. 15-25

1 Lviv Polytechnic National University, Ukraine
2 Lviv Polytechnic National University, Information Security Department
3 Lviv Polytechnic National University
4 Lviv Polytechnic National University, Lviv, Ukraine
5 Lviv Polytechnic National University

This article analyzes the possibilities of using artificial intelligence models for effective detection and analysis of cybercrimes. A comprehensive method that uses artificial intelligence algorithms, such as Random Forest and Isolation Forest, is developed and described for detecting ransomware, which is one of the main threats to information security management systems (ISMS) in the field of critical infrastructure. The result of the study is a determination of the compatibility of such methods with the requirements of ISO 27001:2022, which emphasizes the importance of integrating innovative AI technologies into existing security systems. In addition, the article analyzes the potential advantages of such integration, including compliance with the requirements of international information security frameworks.
