NORMA eResearch @NCI Library

Implement a System that can Detect Ransomware Attacks in Real-Time using Behaviour Analysis

Rahman, MD Masudur (2024) Implement a System that can Detect Ransomware Attacks in Real-Time using Behaviour Analysis. Masters thesis, Dublin, National College of Ireland.


Abstract

Ransomware remains a critical challenge in cybersecurity, and the sophistication of modern attack patterns calls for innovative detection methods. This paper develops a machine learning-based ransomware detection framework and investigates the efficacy of Logistic Regression, Random Forest, and Support Vector Machine. DebugSize and ExportSize are highlighted as two of the most important features, showing great dispersion across all ransomware files. The Random Forest model performed better, achieving an accuracy of 99.67%, a near-perfect AUC of 0.9994, and minimal false positives and negatives, which makes it more reliable in practical use. The study also presents a manual prediction scenario for instances in dynamic environments. Although this approach improves detection accuracy, challenges such as scalability and computational efficiency remain. Future directions include lightweight models for IoT, privacy-preserving methods such as federated learning, and hybrid approaches incorporating behaviour-based systems for handling zero-day threats. This work lays a solid foundation for developing scalable and adaptive ransomware detection solutions.

Item Type: Thesis (Masters)
Supervisors: Mahajan, Kamil (Email: UNSPECIFIED)
Uncontrolled Keywords: Ransomware detection; machine learning; Random Forest; real-time detection; DebugSize; ExportSize; ensemble learning; cybersecurity; behavior-based systems; zero-day threats
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 28 Jul 2025 09:44
Last Modified: 28 Jul 2025 09:44
URI: https://norma.ncirl.ie/id/eprint/8246
