Classifying Ransomware Using Machine Learning Algorithms

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Ransomware is a continuing threat and has resulted in the battle between the development and detection of new techniques. Detection and mitigation systems have been developed and are in wide-scale use; however, their reactive nature has resulted in a continuing evolution and updating process. This is largely because detection mechanisms can often be circumvented by introducing changes in the malicious code and its behaviour. In this paper, we demonstrate a classification technique of integrating both static and dynamic features to increase the accuracy of detection and classification of ransomware. We train supervised machine learning algorithms using a test set and use a confusion matrix to observe accuracy, enabling a systematic comparison of each algorithm. In this work, supervised algorithms such as the Naïve Bayes algorithm resulted in an accuracy of 96% with the test set result, SVM 99.5%, random forest 99.5%, and 96%. We also use Youden's index to determine sensitivity and specificity.
Original languageEnglish
Title of host publicationIntelligent Data Engineering and Automated Learning - IDEAL 2019
Subtitle of host publication20th International Conference, Manchester, UK, November 14-16, 2019, Proceedings, Part II
EditorsHujun Yin, David Camacho, Peter Tino, Antonio J. Tallón-Ballesteros, Ronaldo Menezes, Richard Allmendinger
Place of PublicationCham
PublisherSpringer International Publishing
Pages45-52
Number of pages8
VolumeLNCS11872
ISBN (Electronic)9783030336172
ISBN (Print)9783030336165, 3030336166
DOIs
Publication statusPublished - 24 Oct 2019
Event20th International Conference on Intelligent Data Engineering and Automated Learning - University of Manchester, Manchester, United Kingdom
Duration: 14 Nov 201916 Nov 2019
Conference number: 20
http://www.datascience.manchester.ac.uk/events-1/events/20th-international-conference-on-intelligent-data-engineering-and-automated-learning-ideal/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Name
VolumeLNCS 11872
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference20th International Conference on Intelligent Data Engineering and Automated Learning
Abbreviated titleIDEAL
CountryUnited Kingdom
CityManchester
Period14/11/1916/11/19
Internet address

    Fingerprint

Cite this

Egunjobi, S., Parkinson, S., & Crampton, A. (2019). Classifying Ransomware Using Machine Learning Algorithms. In H. Yin, D. Camacho, P. Tino, A. J. Tallón-Ballesteros, R. Menezes, & R. Allmendinger (Eds.), Intelligent Data Engineering and Automated Learning - IDEAL 2019: 20th International Conference, Manchester, UK, November 14-16, 2019, Proceedings, Part II (Vol. LNCS11872, pp. 45-52). (Lecture Notes in Computer Science). Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030-33617-2_5