Ransomware Detection Service: Execution and Analysis Using Machine Learning Techniques

Network security faces an escalating threat from hacker attacks due to the proliferation and extensive adoption of computer and internet technology. Ransomware, a prevalent form of malicious software, is frequently employed in cyberattacks to deceive victims into revealing their confidential and sensitive data. Consequently, victims may find themselves unable to retrieve their data unless they yield to ransom demands for stolen files or information. To tackle these challenges, a range of countermeasures and strategies have been devised. In this experiment, A Ransomware Detection Service first exposes all current and upcoming ransomware in Windows file shares. This system helps to detect when/where ransomware has shot Windows file shares or local drives. This system doesn't avoid ransomware viruses, instead it trains or informs operators to not remove the files that are duplicated from the “SourcePath”. The “Find Ransomware Files” tab facilitates determining harm affected by a prior uncaught virus. “Audit Files” tab will navigate a directory, parallel file signatures for required file extensions, and build an authenticated files list, unauthenticated files list (likely corrupted/encrypted files), undetermined files list, and forbidden files list. These lists are compiled to form a dataset with 50 feature columns and a Classifier to train a Machine Learning model to predict future Phishing and Ransomware attacks. A Logistic Regression and Random Forest Classifier achieve an accuracy of 98