Call for Paper - Upcoming Issues

Machine Learning Based Hybrid Approach in Ransomware Recognition and Classification

International Journal of Electronics and Communication Engineering
© 2025 by SSRG - IJECE Journal
Volume 12 Issue 2
Year of Publication : 2025
Authors : M.S. Balamurugan, V. Rajendran, S. Suma Christal Mary
10.14445/23488549/IJECE-V12I2P113
pdf
How to Cite?

M.S. Balamurugan, V. Rajendran, S. Suma Christal Mary, "Machine Learning Based Hybrid Approach in Ransomware Recognition and Classification," SSRG International Journal of Electronics and Communication Engineering, vol. 12,  no. 2, pp. 140-151, 2025. Crossref, https://doi.org/10.14445/23488549/IJECE-V12I2P113

Abstract:

Cyber security is severely restricted by spyware, ransomware, along malevolent assaults, which can seriously harm networks, server rooms, websites, and mobile devices in a variety of commercial and industrial settings. Conventional anti-ransomware software finds it difficult to defend against immediately developed, highly competent attacks. As a result, contemporary techniques such as conventional and neural network-based topologies can be greatly applied to creating novel ransomware remedies. This research work employs a feature selection-based method along with implementing machine learning classification approaches in ransomware malware recognition and classification. Moreover, we developed six machine learning approaches: Adaptive Boosting, K-Nearest Neighbor, Stochastic Gradient Descent, Extra tree, Artificial Neural Network and Hybrid approaches based on preferred features for ransomware malware classification. Our investigational outcomes reveal that the proposed hybrid model outperforms conventional approaches with a detection accuracy of 99.5% in terms of measures like accuracy, precision, F1-score, Recall, Matthew’s Correlation Coefficient and Kappa score.

Keywords:

K-Nearest Neighbor (KNN), Stochastic Gradient Descent (SGD), Mathew’s Correlation Coefficient (MCC).

References:

[1] J. De Groot, A History of Ransomware Attack: The Biggest and Worst Ransomware Attack of All Time, 2017. [Online]. Available: https://www.digitalguardian.com/blog/history-ransomware-attacks-biggest-and-worst-ransomware-attacks-all-time
[2] Wira Zanoramy A. Zakaria et al., “The Rise of Ransomware,” Proceedings of the International Conference on Software and e-Business, Hong Kong, pp. 66-70, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Maersk Ransomware Attack, TechForce, 2017. [Online]. Available: https://techforce.co.uk/blog/2019/maersk-ransomware-attack
[4] Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline, Chainalysis, 2024. [Online]. Available: https://www.chainalysis.com/blog/ransomware-2024/
[5] Ben Dickson, The IoT Ransomware Threat is More Serious than you Think, IoT Security Foundation, 2019. [Online]. Available: https://www.iotsecurityfoundation.org/the-iot-ransomware-threat-is-more-serious-than-you-think/
[6] Goteng Kuwunidi Job et al., “Impacts of Ransomware Attacks on Edge Computing Devices: Challenges and Research Opportunities,” International Journal of Engineering Research & Technology, vol. 10, no. 4, pp. 665-670, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Bander Ali Saleh Al-rimy, Mohd Aizaini Maarof, and Syed Zainudeen Mohd Shaid, “Ransomware Threat Success Factors, Taxonomy, and Countermeasures: A Survey and Research Directions,” Computers & Security, vol. 74, pp. 144-166, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Jinal P. Tailor, and Ashish D. Patel, “A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage Control,” International Journal of Research and Scientific Innovation, vol. 4, no. 6s, pp. 116-121, 2017.
[Google Scholar] [Publisher Link]
[9] Hanqi Zhang et al., “Classification of Ransomware Families with Machine Learning Based on N-Gram of Opcodes,” Future Generation Computer Systems, vol. 90, pp. 211-221, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Aaron Zimba, “Malware-Free Intrusion: A Novel Approach to Ransomware Infection Vectors,” International Journal of Computer Science & Information Security, vol. 15, no. 2, pp. 317-325, 2017.
[Google Scholar] [Publisher Link]
[11] Amjad Alraizza, and Abdulmohsen Algarni, “Ransomware Detection using Machine Learning: A Survey,” Big Data and Cognitive Computing, vol. 7, pp. 1-24, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Nisreen Alzahrani, and Daniyal Alghazzawi, “A Review on Android Ransomware Detection using Deep Learning Techniques,” Proceedings of the 11th International Conference on Management of Digital EcoSystems, pp. 330-335, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Seong Il Bae, Gyu Bin Lee, and Eul Gyu Im, “Ransomware Detection using Machine Learning Algorithms,” Concurrency and Computation: Practice and Experience, vol. 32, no. 18, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Hiba Zuhair, Ali Selamat, and Ondrej Krejcar, “A Multi-Tier Streaming Analytics Model of 0-Day Ransomware Detection Using Machine Learning,” Applied Sciences, vol. 10, no. 9, pp. 1-23, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[15] G. Kirubavathi, S. Sreevarsan, and P. Varadhan, “Behavioural Based Detection of Android Ransomware Using Machine Learning Techniques,” Research Article, pp. 1-34, 2023.
[CrossRef] [Publisher Link]
[16] Iram Bibi et al., “An Effective Android Ransomware Detection through Multi-Factor Feature Filtration and Recurrent Neural Network,” UK/China Emerging Technologies, Glasgow, UK, pp. 1-4, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Samah Alsoghyer, and Iman Almomani, “Ransomware Detection System for Android Applications,” Electronics, vol. 8, no. 8, pp. 1-36, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Ashu Sharma, and Sanjay K. Sahay, “An Effective Approach for Classification of Advanced Malware with High Accuracy,” International Journal of Security and Its Applications, vol. 10, no. 4, pp. 249-266, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[19] K. Deepa, G. Radhamani, and P. Vinod, “Investigation of Feature Selection Methods for Android Malware Analysis,” Procedia Computer Science, vol. 46, pp. 841-848, 2015.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Iman Almomani et al., “Android Ransomware Detection Based on a Hybrid Evolutionary Approach in the Context of Highly Imbalanced Data,” IEEE Access, vol. 9, pp. 57674-57691, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Jinsoo Hwang et al., “Two-Stage Ransomware Detection using Dynamic Analysis and Machine Learning Techniques,” Wireless Personal Communications, vol. 112, pp. 2597-2609, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Felan Carlo C. Garcia, and Felix P. Muga II, “Random Forest for Malware Classification,” arXiv, pp. 1-4, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Fakhroddin Noorbehbahani, Farzaneh Rasouli, and Mohammad Saberi, “Analysis of Machine Learning Techniques for Ransomware Detection,” 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, Mashhad, Iran, pp. 128-133, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Shun Tobiyama et al., “Malware Detection with Deep Neural Network using Process Behavior,” IEEE 40th Annual Computer Software and Applications Conference, Atlanta, GA, USA, pp. 577-582, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Abien Fred Agarap, “Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine (SVM) for Malware Classification,” arXiv, pp. 1-5, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Tohari Ahmad, and Mohammad Nasrul Aziz, “Data Preprocessing and Feature Selection for Machine Learning Intrusion Detection Systems,” ICIC Express Letters, vol. 13, no. 2, pp. 93-101, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Subash Poudyal, Kul Prasad Subedi, and Dipankar Dasgupta, “A Framework for Analyzing Ransomware using Machine Learning,” IEEE Symposium Series on Computational Intelligence, Bangalore, India, pp. 1692-1699, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Muhammad Salman Khan et al., “Fractal Based Adaptive Boosting Algorithm For Cognitive Detection Of Computer Malware,” IEEE 15th International Conference on Cognitive Informatics & Cognitive Computing, Palo Alto, CA, USA, pp. 50-59, 2016.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Fadare Oluwaseun Gbenga, Adetunmbi Adebayo Olusola, and Oyinloye Oghenerukevwe Elohor, “Towards Optimization of Malware Detection using Extra-Tree and Random Forest Feature Selections on Ensemble Classifiers,” International Journal of Recent Technology and Engineering, vol. 9, no. 6, pp. 223-232, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Stephan Dreiseitl, and Lucila Ohno-Machado, “Logistic Regression and Artificial Neural Network Classification Models: A Methodology Review,” Journal of Biomedical Informatics, vol. 35, no. 6, pp. 352-359, 2002.
[CrossRef] [Google Scholar] [Publisher Link]