Mitigating ransomware attacks through cyber threat intelligence and machine learning
Abstract
In the face of escalating cyber threats, particularly the rampant and sophisticated nature of ransomware attacks, organizations are compelled to adopt a proactive and multi-faceted strategy for mitigation. The fusion of machine learning (ML) algorithms enables the system to adapt dynamically as the attack vectors and tactics employed by cybercriminals change. This paper presents a comprehensive approach that integrates ML and cyber threat intelligence (CTI) to fortify defenses against ransomware assaults. The proposed methodology incorporates three distinct machine learning techniques, namely random forest (RF), extreme gradient boosting (XGBoost), and adaptive boosting (AdaBoost). Empirical evidence derived from the study affirms the efficacy of this approach in discriminating between malicious and ransom software, achieving a notable identification rate of 98.55%. The incorporation of CTI enhances the strategic posture by providing actionable insights into the threat landscape. The proposed approach focuses on identifying and neutralizing ransomware, aligning with contemporary cybersecurity imperatives and offering a proactive defense against ransomware attacks, ultimately safeguarding critical assets and preserving the integrity of digital ecosystems.
Keywords
Cyber threat intelligence; Machine learning; Malware; Ransomware; Static analysis
DOI: http://doi.org/10.11591/ijeecs.v33.i3.pp1958-1965
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).