Enhancing Ransomware Detection in Cybersecurity: A Comprehensive Ensemble Approach
Main Article Content
Abstract
Ransomware has emerged as a significant cybersecurity threat, targeting individuals, businesses, and even governmental organizations, causing substantial financial losses and data breaches. Detecting ransomware attacks promptly is crucial for mitigating their impact, necessitating effective detection methods. One such approach is the use of ensemble methods, which combine multiple base classifiers to enhance predictive performance. Ensemble methods like Adaptive Boosting (AdaBoost), Random Forest (RF), and Naïve Bayes (NB) have shown promise in ransomware detection. AdaBoost iteratively adjusts the weights of misclassified instances to improve classification accuracy. RF constructs multiple decision trees and aggregates their predictions to form a more robust model. NB is a probabilistic classifier that assumes feature independence and is based on the Bayes theorem. The UGRansome dataset serves as a benchmark for evaluating ransomware detection algorithms. This dataset contains samples of ransomware and benign files, facilitating the training and testing of machine learning models. To evaluate effectiveness of the proposed ensemble method framework, various evaluation metrics such as accuracy, precision, recall, F1 score, and ROC curve analysis are employed. Experimental results on the UGRansome dataset demonstrate the effectiveness of the ensemble-learning approach, achieving a classification accuracy of 96%. By leveraging the strengths of multiple base classifiers, the ensemble approach enhances detection capabilities, contributing to more robust cybersecurity defenses against ransomware threats.
Article Details
This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.