Nutanix Ransomware Attack Detection
In our ever growing technological world security is a key feature that we all depend on, recently we have seen how ransomware is a growing threat to the security of many institutions within the cyber domain. Universities’ have had information stolen, pipeline’s operations get halted, hospitals can get shut down. These are just some of the most recent instances of ransomware causing huge damage to our society. Our goal in this project was to work with Nutanix to research and design a system that can detect ransomware on a hypervisor level instead of the individual level with high accuracy. We started by researching the signals that ransomware emits when it begins its attack. Once we had a solid set of signals we chose the strongest ones that can be collected on the hypervisor level. We found storage and network to be our two main sources. With storage we capture the write processes and calculate the average entropy within a minute window. With the network side we capture HTTP packets using a vSwitch, and parse the packet for several signals: HTTP status, entropy of URL name, number of digits in URL, length of URL, number of parameters in packet, and the number of fragments. We trained a decision tree machine learning model that we now use to detect with 93% accuracy if a URL is malicious or not. We then combine these two signals using a sliding window, with the network as a trigger, to create an alert signal.
I will be graduating in Winter 2022 with a BS in Computer Engineering. I’m very interested in Cyber Security, Robotics Engineering, Embedded Systems, and Distributed Systems.
Originally from Sarcelles, France, I have lived in California for the past 6 years and have been passionate about computer science for roughly as long. I should be graduating this quarter, June 2021, and hope to continue living in the Bay Area. Over these years I have found a growing interest in the making of mobile applications and machine learning algorithms.
Resume available on demand.
I graduated in March of 2021 with a B.S. in Computer Science and currently work as a fullstack software engineer. I enjoy working and learning about distributed systems, blockchain conesus, and cybersecurity as well as frontend technologies such as REACT and typescript.
Personal Website: cyruskarsan.github.io
Other Partners Day 2021 ProjectsRansomware Detection
Spark IP Address API
Dell Cloud Garbage Collection
PSLab plugin for OpenTAP
Mobile Power Station
Portable PLA Spectrometer
Plastic to Fuel Portable Diesel Lab
Simple Sort - Automated Trash, Compost, and Recycling Bin
Autonomous Fog Water Collector
Dynamic Bicycle Safety
Passive Biosensor Suite
Facial Recognition Door Lock
Mood Tracking Biosensor
Affordable Piano Amplification