Mitigating ransomware attacks through cyber threat intelligence and machine learning

Mamady Kante, Vivek Sharma, Keshav Gupta


In the face of escalating cyber threats, particularly the rampant and sophisticated nature of ransomware attacks, organizations are compelled to adopt a proactive and multi-faceted strategy for mitigation. The fusion of machine learning (ML) algorithms enables the system to adapt dynamically in response to evolving attack vectors and tactics employed by cybercriminals. This paper presents a comprehensive approach that integrates ML and cyber threat intelligence (CTI) to fortify defenses against ransomware assaults. The proposed methodology incorporates three distinct machine learning techniques, namely random forest (RF), extreme gradient boosting (XGBoost), and adaptive boosting (AdaBoost). Empirical evidence derived from the study affirms the efficacy of this approach in discriminating between malicious and ransom software, achieving a notable identification rate of 98.55%. The incorporation of CTI enhances the strategic posture by providing actionable insights into the threat landscape. The proposed approach focuses on identifying and neutralizing ransomware, aligning with contemporary cybersecurity imperatives and offering a proactive defense against ransomware attacks, ultimately safeguarding critical assets and preserving the integrity of digital ecosystems.


Keywords: Cyber threat intelligence; Machine learning; Malware; Ransomware; Static analysis


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

The Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).
