Paper Contents
Abstract
Ransomware remains a major threat to cybersecurity by encrypting usersdata and requiring ransom payments. Conventional signature-based detection methods tend to miss new and emerging ransomware variants. This project introduces an intelligent ransomware detection framework based on both machine learning (ML) and deep learning (DL) methods to precisely detect ransomware behavior and separate it from harmless software. The framework takes advantage of a dataset with diverse ransomware and benign files, deriving important features like entropy, file size, and instruction patterns to train multiple models like Random Forest, XGBoost, and a Convolutional Neural Network (CNN). Comparative studies show that deep learning methods, especially CNNs trained on grayscale image representations of binary files, yield better accuracy and resilience to obfuscated and polymorphic variants of ransomware. The hybrid detection methodology presented improves the early detection of attacks and presents a scalable method that can accommodate real-world cybersecurity environments.KEYWORDS: ransomware, detection, methods, learning, cybersecurity, variants, framework.
Copyright
Copyright © 2025 SAKTHI V. This is an open access article distributed under the Creative Commons Attribution License.
