An Efficient Ransomware Detection System
Anjalee Menen1, R. Gowtham2
1Anjalee Menen, Department of Computer Science and Engineering, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore (Tamil Nadu), India.
2Dr. R. Gowtham, Department of Computer Science and Engineering, Amrita School of Engineering, Amrita Vishwa Vidyapeetham, Coimbatore (Tamil Nadu), India.
Manuscript received on 22 April 2019 | Revised Manuscript received on 01 May 2019 | Manuscript Published on 08 May 2019 | PP: 28-31 | Volume-7 Issue-5S3 February 2019 | Retrieval Number: E11060275S19/19©BEIESP
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Cyber security protects the system from unauthorized access and destruction of data. The intention is to provide security to the system by blocking attackers. Malware or malicious software is any kind of program which is developed with the aim of doing harm to victim’s data. Viruses, worms, Trojan horses, Ransomware, and spyware are different types of malware. When malicious software enters into the system, it will encrypt the user data, deletes or modifies the data. This type of software also used to steal the user data. Ransomware is one of the types of malware which was developed with the intention of getting money from the victims. When Ransomware starts executing in our system, it will start encrypting, deleting and modifying files. The user will get decryption key only after paying the claimed money. Many have found some solutions for detecting some specific Ransomware. The existing technique includes Static based technique which uses signature analysis which can only detect known Ransomware since it compares the extracted code snippet of the target executable with the database of known malware samples. The existing technique is based on the known input and known output and can only detect known Ransomware samples. In this paper we have proposed an efficient Ransomware detection system based on the analysis of behavior with the help of machine learning technique. In the proposed technique, we analyzed the possible behavior of Ransomware based on the changes to user’s files, addition of registry key, stopping the active processes. Based on this behavior, the decision is made using Machine learning technique.
Keywords: Ransomware, Cybersecurity, Malware, Machine Learning.
Scope of the Article: System Integration