CH-7 Advancing Ransomware Detection Through Machine Learning: Assessing the Effectiveness of Classification Algorithms in Cybersecurity
SCURS Disciplines
Computer Sciences
Document Type
Oral Presentation
Abstract
This research explores machine learning techniques to predict ransomware for cybersecurity defenses by detecting and preventing potential vulnerabilities and threats early. The study evaluates the effectiveness of several machine learning models, namely Logistic Regression (LR), Decision Trees (DT), Random Forests (RF), Support Vector Machines (SVM), and K-Nearest Neighbors (KNN), at accurately classifying ransomware-related behaviors earlier. The research design involves data collection and preprocessing of a dataset comprising 15,000 samples, with features such as network traffic metrics (e.g., packet count, connection duration) and system indicators (e.g., CPU usage spikes and file encryption attempts). The dataset is then used to train and test the selected machine learning algorithms. The methodology includes feature engineering, data normalization, model training, and performance evaluation using accuracy, ROC-AUC, and confusion matrix analysis. The ultimate aim is to set baseline performance levels for each model and pinpoint the most suitable algorithm for real-time ransomware detection. This study provides insights into the strengths and limitations of different ML techniques and approaches. It offers practical guidance for enhancing cybersecurity practices in the future, making it a valuable resource for professionals in the field.
Keywords
Ransomware Detection, Machine Learning, Cybersecurity, Predictive Modeling, Anomaly Detection, Network Security
Start Date
11-4-2025 4:10 PM
Location
CASB 102
End Date
11-4-2025 4:25 PM