Ransomware Detection and Classification using Machine Learning

TL;DR

This paper presents a machine learning approach using XGBoost and Random Forest algorithms to detect and classify ransomware attacks accurately, enhancing cybersecurity defenses.

Contribution

It introduces a novel application of XGBoost and Random Forest for ransomware detection and classification based on behavioral feature analysis.

Findings

High accuracy in ransomware detection

Effective classification of ransomware families

Demonstrated robustness on ransomware datasets

Abstract

Vicious assaults, malware, and various ransomware pose a cybersecurity threat, causing considerable damage to computer structures, servers, and mobile and web apps across various industries and businesses. These safety concerns are important and must be addressed immediately. Ransomware detection and classification are critical for guaranteeing rapid reaction and prevention. This study uses the XGBoost classifier and Random Forest (RF) algorithms to detect and classify ransomware attacks. This approach involves analyzing the behaviour of ransomware and extracting relevant features that can help distinguish between different ransomware families. The models are evaluated on a dataset of ransomware attacks and demonstrate their effectiveness in accurately detecting and classifying ransomware. The results show that the XGBoost classifier, Random Forest Classifiers, can effectively detect and classify different ransomware attacks with high accuracy, thereby providing a valuable tool for enhancing cybersecurity.