Detection of Ransomware Attacks Using Processor and Disk Usage Data
Abstract
Ransomware attacks have caused massive financial losses globally by evading traditional antivirus mechanisms, encrypting system data, and demanding a ransom for decryption. Existing monitoring techniques often degrade system performance and yield suboptimal detection accuracy. This study proposes a novel approach that uses VMware to extract Hardware Performance Counters (HPC) and IO Events without affecting system performance. These features are then analyzed using machine learning algorithms (SVM, KNN, Decision Tree, Random Forest, and XGBoost) and deep learning models (DNN and LSTM) to classify program behavior as benign or ransomware. The integrated dataset, sourced from common programs, was used for training and evaluation, with Random Forest and XGBoost achieving up to 98% accuracy. The results demonstrate the effectiveness of HPC and IO data for accurate, low-impact ransomware detection.
