Anti-Ransomware Tools to Detect Crypto Ransomware Based on Machine Learning Approach
Keywords:
ransomware, ransomware detection, ransomware attack, machine learning
Abstract
Ransomware is harmful software that blocks access to a computer system or its files unless a certain amount of money is paid to the attackers, usually in cryptocurrency. Previous tools offer ransomware scanning and detection, report generation, and some paid extra features such as a Virtual Private Network (VPN). The problem with current tools is their high false positive rates. We propose an Anti-Ransomware Tool that can effectively detect and address crypto-ransomware threats, primarily focusing on Tesla Crypt Ransomware. The tool is designed to overcome the common challenges in existing anti-ransomware tools, such as high false alarm rates, which lead to a loss of trust, reduced productivity, and increased downtime costs. Our tool adopts an object-oriented approach and employs a Random Forest (RF) algorithm to learn and identify patterns and behaviours indicative of ransomware threats. The development methodology aligns with the Agile Model. The intended users for this tool are adults who regularly use computers for various tasks on the Windows operating system. The expected outcomes of this project include the creation of a comprehensive tool capable of detecting and removing Tesla Crypt Ransomware, featuring a user-friendly interface with scanning, detection, and deletion modules, along with pop-up notifications and a summary module. The final developed Anti-Ransomware Tool could identify and differentiate between legitimate and ransomware files. It could also detect up to 14 types of Crypto Ransomware, with a significantly low False Positive Rate of 0.34%.



