Intelligent Code Embedding Framework for High-Precision Ransomware Detection via Multimodal Execution Path Analysis

TL;DR

This paper presents a novel multimodal execution path analysis framework using high-dimensional embeddings for high-precision ransomware detection, demonstrating improved accuracy, adaptability, and efficiency over traditional methods.

Contribution

The framework introduces an innovative combination of multimodal analysis and dynamic heuristics, enhancing ransomware detection capabilities against obfuscation and polymorphic tactics.

Findings

Significant improvements in precision, recall, and accuracy metrics.

Reduced false positive rates and detection latency.

Effective performance across diverse system configurations.

Abstract

Modern threat landscapes continue to evolve with increasing sophistication, challenging traditional detection methodologies and necessitating innovative solutions capable of addressing complex adversarial tactics. A novel framework was developed to identify ransomware activity through multimodal execution path analysis, integrating high-dimensional embeddings and dynamic heuristic derivation mechanisms to capture behavioral patterns across diverse attack variants. The approach demonstrated high adaptability, effectively mitigating obfuscation strategies and polymorphic characteristics often employed by ransomware families to evade detection. Comprehensive experimental evaluations revealed significant advancements in precision, recall, and accuracy metrics compared to baseline techniques, particularly under conditions of variable encryption speeds and obfuscated execution flows. The framework achieved scalable and computationally efficient performance, ensuring robust applicability across a range of system configurations, from resource-constrained environments to high-performance infrastructures. Notable findings included reduced false positive rates and enhanced detection latency, even for ransomware families employing sophisticated encryption mechanisms. The modular design allowed seamless integration of additional modalities, enabling extensibility and future-proofing against emerging threat vectors. Quantitative analyses further highlighted the system's energy efficiency, emphasizing its practicality for deployment in environments with stringent operational constraints. The results underline the importance of integrating advanced computational techniques and dynamic adaptability to safeguard digital ecosystems from increasingly complex threats.