Evaluation of Supervised Machine Learning Classifiers for Detecting Ransomware based on Naïve Bayes, SVM, KNN, C 4.5, and Random Forest Algorithms

Authors : Mohammed A. Saleh

Volume/Issue : Volume 5 - 2020, Issue 1 - January

Google Scholar : https://goo.gl/DF9R4u

Scribd : https://bit.ly/2tXdplH

Nowadays, the wide spread of ransomware poses a destructive damage to the end users, which need to be tackled and treated properly to classify them and keep them away. Since the attributes and features of ransomware samples are extremely changeable, an automated analysis using machine learning algorithms is applied in order to handle the rapid changes of ransomware attributes features. In this paper, supervised machine learning classifiers (algorithms) such as Naïve Bayes, SVM, kNN, C 4.5, and Random Forest are evaluated for detecting ransomware. Several recent ransomware samples are collected, and their attributes and features are extracted and tabulated to construct training and testing datasets. Then, the datasets are evaluated and analyzed using Weka software for each classifier in three different modes, namely 10-fold cross-validation mode, 66.0% train split mode, and supplied test set mode. The best result for detecting ransomware is achieved by kNN classifier in 66.0% train split mode, which correctly classified 87.5% of instances, and therefore, the research suggests it for detecting ransomware.

Keywords : Malware Analysis; Supervised Machine Learning Algorithms; Ransomware Detection.


Paper Submission Last Date
30 - September - 2021

Paper Review Notification
In 1-2 Days

Paper Publishing
In 2-3 Days

Never miss an update from Papermashup

Get notified about the latest tutorials and downloads.

Subscribe by Email

Get alerts directly into your inbox after each post and stay updated.

Subscribe by RSS

Add our RSS to your feedreader to get regular updates from us.