Enhanced Ransomware Detection Techniques using Machine Learning Algorithms

G. Usha; P. Madhavan; Meenalosini Vimal Cruz; N. A.S. Vinoth; Veena; Maria Nancy

doi:10.1109/ICCCT53315.2021.9711906

Enhanced Ransomware Detection Techniques using Machine Learning Algorithms

G. Usha, P. Madhavan, Meenalosini Vimal Cruz, N. A.S. Vinoth, Veena, Maria Nancy

Information Technology

Research output: Contribution to book or proceeding › Conference article › peer-review

11 Scopus citations

Abstract

A challenge that governments, enterprises as well as individuals are constantly facing is the growing threat of ransomware attacks. Ransomware is a type of malware that encrypts the user's files and then demands a huge sum of money from the user. This increasing complexity calls for more advancement and innovative ideas in defensive strategies used to tackle the problems. In this paper, firstly we discuss the existing research in the field of ransomware detection techniques and their shortcomings. Secondly, a juxtaposed study on various machine learning algorithms to detect ransomware attacks is compared for ransomware dataset. Thirdly, various behavioral data such as API Calls, Target files, Registry Operations, Signature, Network Accesses are collected for each ransomware and benign sample and the results are compared for various attributes to understand the behavior of the attack. In order to understand the behavior of the attack various Machine Learning Algorithms like KNN, Naïve Bayes, Random Forest, Decision Trees are used for training and testing the dataset. Further optimization was done using hyper parameters to control the learning process. Finally, we have used the model(s) Accuracy, F1 Score, Precision and Recall to compare the results observed and suggesting how the roadmap for how efficiently the attacks can be prevented in future.

Original language	English
Title of host publication	Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	52-58
Number of pages	7
ISBN (Electronic)	9781665414470
DOIs	https://doi.org/10.1109/ICCCT53315.2021.9711906
State	Published - 2021
Event	4th International Conference on Computing and Communications Technologies, ICCCT 2021 - Chennai, India Duration: Dec 16 2021 → Dec 17 2021

Publication series

Name	Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021

Conference

Conference	4th International Conference on Computing and Communications Technologies, ICCCT 2021
Country/Territory	India
City	Chennai
Period	12/16/21 → 12/17/21

Scopus Subject Areas

Computer Networks and Communications
Computer Vision and Pattern Recognition
Hardware and Architecture
Signal Processing
Safety, Risk, Reliability and Quality
Instrumentation

Keywords

Decision Tree
Detection
KNN
Locky
Machine Learning
Naive Bayes
Random Forest
Ransomware
WannaCry

Access to Document

10.1109/ICCCT53315.2021.9711906

Cite this

Usha, G., Madhavan, P., Vimal Cruz, M., Vinoth, N. A. S., Veena, & Nancy, M. (2021). Enhanced Ransomware Detection Techniques using Machine Learning Algorithms. In Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021 (pp. 52-58). (Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCCT53315.2021.9711906

Usha, G. ; Madhavan, P. ; Vimal Cruz, Meenalosini et al. / Enhanced Ransomware Detection Techniques using Machine Learning Algorithms. Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 52-58 (Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021).

@inproceedings{6cc43afc115941979200fb6a0aeef57d,

title = "Enhanced Ransomware Detection Techniques using Machine Learning Algorithms",

abstract = "A challenge that governments, enterprises as well as individuals are constantly facing is the growing threat of ransomware attacks. Ransomware is a type of malware that encrypts the user's files and then demands a huge sum of money from the user. This increasing complexity calls for more advancement and innovative ideas in defensive strategies used to tackle the problems. In this paper, firstly we discuss the existing research in the field of ransomware detection techniques and their shortcomings. Secondly, a juxtaposed study on various machine learning algorithms to detect ransomware attacks is compared for ransomware dataset. Thirdly, various behavioral data such as API Calls, Target files, Registry Operations, Signature, Network Accesses are collected for each ransomware and benign sample and the results are compared for various attributes to understand the behavior of the attack. In order to understand the behavior of the attack various Machine Learning Algorithms like KNN, Na{\"i}ve Bayes, Random Forest, Decision Trees are used for training and testing the dataset. Further optimization was done using hyper parameters to control the learning process. Finally, we have used the model(s) Accuracy, F1 Score, Precision and Recall to compare the results observed and suggesting how the roadmap for how efficiently the attacks can be prevented in future.",

keywords = "Decision Tree, Detection, KNN, Locky, Machine Learning, Naive Bayes, Random Forest, Ransomware, WannaCry",

author = "G. Usha and P. Madhavan and {Vimal Cruz}, Meenalosini and Vinoth, {N. A.S.} and Veena and Maria Nancy",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 4th International Conference on Computing and Communications Technologies, ICCCT 2021 ; Conference date: 16-12-2021 Through 17-12-2021",

year = "2021",

doi = "10.1109/ICCCT53315.2021.9711906",

language = "English",

series = "Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "52--58",

booktitle = "Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021",

address = "United States",

}

Usha, G, Madhavan, P, Vimal Cruz, M, Vinoth, NAS, Veena & Nancy, M 2021, Enhanced Ransomware Detection Techniques using Machine Learning Algorithms. in Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021. Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021, Institute of Electrical and Electronics Engineers Inc., pp. 52-58, 4th International Conference on Computing and Communications Technologies, ICCCT 2021, Chennai, India, 12/16/21. https://doi.org/10.1109/ICCCT53315.2021.9711906

Enhanced Ransomware Detection Techniques using Machine Learning Algorithms. / Usha, G.; Madhavan, P.; Vimal Cruz, Meenalosini et al.
Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 52-58 (Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021).

Research output: Contribution to book or proceeding › Conference article › peer-review

TY - GEN

T1 - Enhanced Ransomware Detection Techniques using Machine Learning Algorithms

AU - Usha, G.

AU - Madhavan, P.

AU - Vimal Cruz, Meenalosini

AU - Vinoth, N. A.S.

AU - Veena,

AU - Nancy, Maria

PY - 2021

Y1 - 2021

N2 - A challenge that governments, enterprises as well as individuals are constantly facing is the growing threat of ransomware attacks. Ransomware is a type of malware that encrypts the user's files and then demands a huge sum of money from the user. This increasing complexity calls for more advancement and innovative ideas in defensive strategies used to tackle the problems. In this paper, firstly we discuss the existing research in the field of ransomware detection techniques and their shortcomings. Secondly, a juxtaposed study on various machine learning algorithms to detect ransomware attacks is compared for ransomware dataset. Thirdly, various behavioral data such as API Calls, Target files, Registry Operations, Signature, Network Accesses are collected for each ransomware and benign sample and the results are compared for various attributes to understand the behavior of the attack. In order to understand the behavior of the attack various Machine Learning Algorithms like KNN, Naïve Bayes, Random Forest, Decision Trees are used for training and testing the dataset. Further optimization was done using hyper parameters to control the learning process. Finally, we have used the model(s) Accuracy, F1 Score, Precision and Recall to compare the results observed and suggesting how the roadmap for how efficiently the attacks can be prevented in future.

AB - A challenge that governments, enterprises as well as individuals are constantly facing is the growing threat of ransomware attacks. Ransomware is a type of malware that encrypts the user's files and then demands a huge sum of money from the user. This increasing complexity calls for more advancement and innovative ideas in defensive strategies used to tackle the problems. In this paper, firstly we discuss the existing research in the field of ransomware detection techniques and their shortcomings. Secondly, a juxtaposed study on various machine learning algorithms to detect ransomware attacks is compared for ransomware dataset. Thirdly, various behavioral data such as API Calls, Target files, Registry Operations, Signature, Network Accesses are collected for each ransomware and benign sample and the results are compared for various attributes to understand the behavior of the attack. In order to understand the behavior of the attack various Machine Learning Algorithms like KNN, Naïve Bayes, Random Forest, Decision Trees are used for training and testing the dataset. Further optimization was done using hyper parameters to control the learning process. Finally, we have used the model(s) Accuracy, F1 Score, Precision and Recall to compare the results observed and suggesting how the roadmap for how efficiently the attacks can be prevented in future.

KW - Decision Tree

KW - Detection

KW - KNN

KW - Locky

KW - Machine Learning

KW - Naive Bayes

KW - Random Forest

KW - Ransomware

KW - WannaCry

UR - http://www.scopus.com/inward/record.url?scp=85126817434&partnerID=8YFLogxK

U2 - 10.1109/ICCCT53315.2021.9711906

DO - 10.1109/ICCCT53315.2021.9711906

M3 - Conference article

AN - SCOPUS:85126817434

T3 - Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021

SP - 52

EP - 58

BT - Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 4th International Conference on Computing and Communications Technologies, ICCCT 2021

Y2 - 16 December 2021 through 17 December 2021

ER -

Usha G, Madhavan P, Vimal Cruz M, Vinoth NAS, Veena, Nancy M. Enhanced Ransomware Detection Techniques using Machine Learning Algorithms. In Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 52-58. (Proceedings of the 2021 4th International Conference on Computing and Communications Technologies, ICCCT 2021). doi: 10.1109/ICCCT53315.2021.9711906

Enhanced Ransomware Detection Techniques using Machine Learning Algorithms

Abstract

Publication series

Conference

Scopus Subject Areas

Keywords

Access to Document

Other files and links

Fingerprint

Cite this