Ransomware Prediction Using Supervised Learning Algorithms

Abstract

Malware has become most popular attack vector, among which ransomware remained a threat to individuals and organisations. Ransomware main objectives is extortion by imposing some form of denial of service to either the system or system resources such as files until ransom is paid. This make ransomware different from conventional malware that seek to replicate, delete files, exhilarate data or extensively consume system resources. Unfortunately, detection approaches such as sandboxes analysis and pipelines are inadequate due to lack of luxury of being able to isolate a sample to analyse, and when this occurs is already too late for several users.Therefore, machine learning as prove its efficiency and has been used in research for malware detection. In this paper, we explore machine learning algorithms in ransomware detection. Specifically, the data set used contains 30,000 attributes which is to be use as independent variables to predict ransomware.However, since is difficult to incorporate all the attribute in the analysis, we therefore results to use five attribute to serves a proof of concept for feature selection. Then, after feature selection, we apply support vector machine algorithm of which RMSE of 0.179 was obtained and classifying ransomware with 88.2% accuracy. The Support Vector Machine has high performance in detection and classifying ransomware when compare to other machine learning classifier.