NORMA eResearch @NCI Library

Evaluation and Mitigation of Ransomware using Machine Learning

Meher, Saurabh (2021) Evaluation and Mitigation of Ransomware using Machine Learning. Masters thesis, Dublin, National College of Ireland.


The ransomware threat has been increasing in the past few years, and this pattern continues to damage the business and reputation of companies and individuals. As the attackers have an advantage over the cyber security experts, they can easily adapt their attacks to the defences that the experts have implemented. The new, advanced malware is then able to go undetected and escape observation. Previous research mainly focused on malware in general and ways to defend against it using machine learning, and some focused only on the accuracy of their models. The real motivation of this research is to detect malware, specifically ransomware, which was not achieved in previous research, with a focus on increasing the accuracy and precision of detection. This paper focuses on the detection of ransomware and demonstrates an approach towards detecting portable executable files (PE files) which are categorized as Microsoft’s standard malware, using machine learning and deep learning. This approach, after being tested on a dataset of 100,000 files containing malware and benign files using multiple machine learning classifiers such as MLP, Decision Tree, and Random Forest, will try to reduce the number of false positives and work on achieving high accuracy in identifying PE files. The results of this research will help identify and mitigate losses caused by ransomware attacks on companies and individuals, as the machine learning algorithm will detect the ransomware and the user will be notified about the threat. The MLP model outperformed the other models with an accuracy of 99.875% while also achieving a false positive rate of 0.6%, which means that the model can detect malware with high accuracy and precision.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 22 Dec 2022 11:41
Last Modified: 07 Mar 2023 14:38
