Cyber security protects the system from unauthorized access and destruction of data. The intention is to provide security to the system by blocking attackers. Malware or malicious software is any kind of program which is developed with the aim of doing harm to victim’s data. Viruses, worms, Trojan horses, Ransomware, and spyware are different types of malware. When malicious software enters into the system, it will encrypt the user data, deletes or modifies the data. This type of software also used to steal the user data. Ransomware is one of the types of malware which was developed with the intention of getting money from the victims. When Ransomware starts executing in our system, it will start encrypting, deleting and modifying files. The user will get decryption key only after paying the claimed money. Many have found some solutions for detecting some specific Ransomware. The existing technique includes Static based technique which uses signature analysis which can only detect known Ransomware since it compares the extracted code snippet of the target executable with the database of known malware samples. The existing technique is based on the known input and known output and can only detect known Ransomware samples. In this paper we have proposed an efficient Ransomware detection system based on the analysis of behavior with the help of machine learning technique. In the proposed technique, we analyzed the possible behavior of Ransomware based on the changes to user’s files, addition of registry key, stopping the active processes. Based on this behavior, the decision is made using Machine learning technique.
A. Menen and Gowtham, R., “An Efficient Ransomware Detection System”, International Journal of Recent Technology and Engineering (IJRTE), vol. 7, no. 5S3, 2019.