
  Preventing Crypto Ransomware Using Machine Learning  
  Authors : Jitti Annie Abraham; Susan M George


Ransomware is a kind of malware that prevents or restricts users from accessing their system, either by locking the system's screen or by locking the users' files, unless a ransom is paid. Because the behavior of ransomware keeps changing, conventional classification and detection techniques do not correctly detect new variants of ransomware. Our data set includes some of the most up-to-date ransomware samples available, providing an assessment of the classification accuracy of machine learning algorithms on the current, evolving state of ransomware. The two primary parts of this work are the identification of the behavioral attributes that can be used for optimal classification accuracy, and the classification of ransomware using machine learning classification algorithms. After classifying the ransomware variants, a prevention mechanism is also implemented for the cryptographic ransomware variants.


Published In : IJCSN Journal Volume 8, Issue 3

Date of Publication : June 2019

Pages : 285-293

Figures :06

Tables : 01


Jitti Annie Abraham : received her B.Tech (CSE) degree from University of Kerala in 2016. She is currently pursuing her Masters in Computer Science & Engineering from APJ Abdul Kalam Technological University. Her research interest areas include machine learning, artificial intelligence, cyber forensics and cryptography.

Susan M George : is working as Assistant Professor in Computer Science and Engineering Department. She has more than 3 years' experience in teaching. Her research interests focus on data mining, machine learning and artificial intelligence. She has published several papers on different areas.


Classification, Machine Learning Ransomware, Ransomware prevention

Ransomware variants are increasing day by day. They generally target both users and systems. The principal aim of ransomware is to extort money from the victim. This work studied the implementation of machine learning algorithms for malware classification based on the behavior of malware samples. Using an iterative approach, it determined the set of behavioral attributes that can be used for ransomware classification to achieve the optimal classification accuracy. Moreover, it evaluated the classification accuracy of five machine learning algorithms. Using machine learning, it identified modified variants of ransomware samples, confirming the new trend of malware evading classification and detection systems by modifying its behavior. The identified ransomware samples come from evolving families with diverse behavior compared to their predecessors. The intention behind creating malware variants with varying behaviors might be to evade detection systems by presenting a rare behavior in new samples, or to mislead detection and classification systems by using behavior similar to that of other ransomware families.

