Machine Learning for Cybersecurity: Ransomware Detection with SVM


Authors : Wira Zanoramy Ansiry Zakaria; Muhammad Nasim Abdul Aziz; Sharifah Roziah Mohd Kassim

Volume/Issue : Volume 10 - 2025, Issue 2 - February


Google Scholar : https://tinyurl.com/bdz7s5zw

Scribd : https://tinyurl.com/39zr46nc

DOI : https://doi.org/10.38124/ijisrt/25feb1623



Abstract : Ransomware attacks pose a significant threat to digital security, necessitating the development of effective detection mechanisms. This paper explores the utilization of Application Programming Interface (API) calls as a pivotal feature in ransomware detection systems. By analyzing the sequence and nature of application API calls, we can discern patterns indicative of malicious behavior. This paper also discusses the challenges associated with API-based detection, including the potential for benign applications to exhibit similar behaviors. Overall, the findings underscore the importance of API calls in developing robust ransomware detection frameworks and highlight ongoing research efforts to improve detection methodologies through innovative feature extraction and machine learning techniques.
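The API-call-sequence features and SVM classifier the abstract describes, as an added example that is not the paper's own code: adjacent-call (bigram) counts from each trace feed a linear SVM trained with the Pegasos subgradient rule. All traces are constructed, and the benign backup tool in the set illustrates the overlap with legitimate software that the abstract flags as a challenge.

```python
from collections import Counter

# Constructed traces (not real captures), label +1 ransomware-like, -1 benign.
# The last benign one is a backup tool that encrypts what it reads: same
# Read->CryptEncrypt->Write calls, but it never deletes or renames the original.
TRACES = [
    (["FindFirstFileW", "ReadFile", "CryptEncrypt", "WriteFile", "DeleteFileW",
      "FindNextFileW", "ReadFile", "CryptEncrypt", "WriteFile", "DeleteFileW"], 1),
    (["FindFirstFileW", "ReadFile", "CryptEncrypt", "WriteFile", "MoveFileExW",
      "FindNextFileW", "ReadFile", "CryptEncrypt", "WriteFile", "MoveFileExW"], 1),
    (["CryptAcquireContextW", "CryptGenKey", "FindFirstFileW", "ReadFile",
      "CryptEncrypt", "WriteFile", "DeleteFileW", "FindNextFileW"], 1),
    (["CreateFileW", "ReadFile", "WriteFile", "CloseHandle", "CreateFileW",
      "ReadFile", "WriteFile", "CloseHandle"], -1),
    (["RegOpenKeyExW", "RegQueryValueExW", "CreateFileW", "ReadFile", "CloseHandle"], -1),
    (["GetModuleHandleW", "LoadLibraryW", "GetProcAddress", "CreateWindowExW",
      "ShowWindow"], -1),
    (["FindFirstFileW", "ReadFile", "CryptEncrypt", "WriteFile", "FindNextFileW",
      "ReadFile", "CryptEncrypt", "WriteFile", "CloseHandle"], -1),
]

def bigram_features(trace):
    """Count adjacent call pairs; the constant 'bias' feature acts as the intercept."""
    feats = Counter(zip(trace, trace[1:]))
    feats["bias"] = 1
    return feats

def dot(w, x):
    return sum(w.get(f, 0.0) * v for f, v in x.items())

def train_svm(samples, lam=0.01, epochs=1000):
    """Pegasos: stochastic subgradient descent on the hinge loss, step size 1/(lam*t)."""
    w, t = {}, 0
    data = [(bigram_features(trace), y) for trace, y in samples]
    for _ in range(epochs):
        for x, y in data:
            t += 1
            eta = 1.0 / (lam * t)
            for f in w:                          # regularisation: shrink every weight
                w[f] *= 1.0 - eta * lam
            if y * dot(w, x) < 1.0:              # margin violated: step towards this sample
                for f, v in x.items():
                    w[f] = w.get(f, 0.0) + eta * y * v
    return w

def predict(w, trace):
    return 1 if dot(w, bigram_features(trace)) > 0 else -1

def training_accuracy(w, samples):
    return sum(predict(w, tr) == y for tr, y in samples) / len(samples)
```

The learned weight on the WriteFile->DeleteFileW pair comes out positive while CreateFileW->ReadFile comes out negative, which is what separates the backup tool from the ransomware-like traces.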

Keywords : Ransomware Detection, Machine Learning, Support Vector Machines (SVM), API Call Analysis, Cybersecurity Threat Mitigation

