Deployment of Ransomware Detection Using Dynamic Analysis and Machine Learning

Juan Herrera- Silva; Myriam Hernandez-Alvarez

doi:10.54941/ahfe1003714

AHFE International

Accelerating Open Access Science in Human Factors Engineering and Human-Centered Computing

Deployment of Ransomware Detection Using Dynamic Analysis and Machine Learning

Open Access

Article

Conference Proceedings

Authors: Juan Herrera- Silva, Myriam Hernandez-Alvarez

Abstract

Ransomware's growing impact is powered by dedicated criminal teams working within an organized business framework. Because of the amount of sensitive information stored on devices and the cloud while transferring over the networks, malware detection, especially ransomware, has become a primary research topic in recent years. In this paper, we present a dynamic feature dataset with 50 characteristics that are ransomware related and with low correlation pairwise. The link to the dataset is included. Using this dataset, machine learning models are generated implementing Random Forest, Gradient Boosted Regression Trees, Gaussian Naïve Bayes, and Neural Networks algorithms obtaining average ten-fold cross-validation accuracies between 74% and 100%. Processing times range between 0.15 sec and 25.47 secs, allowing a fast response to avoid encryption. These models are applied to new artifacts to effectively detect possible incoming threats.

Keywords: Ransomware Detection, Dynamic Analysis, Encryptor, Locker, Features, Dataset, Machine Learning, Timeline of the Ransomware Evolution

DOI: 10.54941/ahfe1003714

Cite this paper

Downloads

1484

Visits

1468

Download PDF

More from this volume

Keeping the human element to secure autonomous shipping operations →

View all articles in Human Factors in Cybersecurity →