Development of a Machine Learning Model for Detecting and Classifying Ransomware

Abstract

The dynamic concept of technology has caused unprecedented technological and socio-economic development in everyday human activities. The fact is that there is an increasing number of digital attacks in digital kidnapping, purporting to be ransomware as a continuing threat, resulting in the battle between the development and detection of new techniques. Detection and mitigation systems have been developed and are in wide-scale use; however, their reactive nature has resulted in a continuing evolution and updating process. This is mainly because detection mechanisms can often be circumvented by introducing changes in the malicious code and its behaviour. In this paper, we develop a machine learning model for detecting and classifying ransomware using classification techniques. The work trained supervised machine learning algorithms for building the model and used the test set to perform the model evaluation. The study used a confusion matrix to observe the proposed algorithm's model accuracy, which enabled a systematic comparison of each algorithm. Supervised algorithms used for this study are the naive Bayes, which resulted in an accuracy of 83.40% with the test set result, and Decision Tree with an accuracy of (J48) 97.60%, respectively. The models result indicated an increase in the accuracy of detection and classification of ransomware. � 2021 IEEE.