Ransomware Classification and Family Detection Using Machine Learning Models

Description:

This project focuses on ransomware detection and classification by distinguishing between ransomware and goodware (benign applications) using machine learning.
The dataset comprises 1,524 samples, with 582 ransomware samples and 942 goodware samples, analyzed using Cuckoo Sandbox in early 2016.
The project involves two key tasks: binary classification to differentiate ransomware from goodware, and multi-class classification to categorize ransomware into specific families.
Various machine learning models, including KNN, Decision Tree, Logistic Regression, and Random Forest, were applied.
The project achieved 100% accuracy in binary classification and 99% accuracy in multi-class classification, demonstrating the effectiveness of the approach.
The entire system was developed using Python.
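The binary task evaluated with stratified cross-validation and a KNN classifier, one of the four models named above. This is an added example, not the project's code. Only the class counts (582 and 942) come from this page; the bit-flag features, their probabilities, and all function names are constructed assumptions. A majority-class guesser already scores 942/1,524 (about 61.8%) on this dataset, so the example reports accuracy next to that baseline and next to ransomware recall.

```python
import random
from collections import Counter

N_RANSOM, N_GOOD = 582, 942      # class counts stated on the page
N_FEATURES, N_SIGNAL = 40, 10    # assumed: 40 behaviour flags, 10 of them informative

def make_dataset(seed=0):
    """Constructed stand-in for sandbox reports: one bit per observed behaviour.
    Ransomware (label 1) sets the first N_SIGNAL bits far more often than goodware (0)."""
    rng = random.Random(seed)
    def sample(label):
        probs = [(0.8 if label else 0.1) if i < N_SIGNAL else 0.2 for i in range(N_FEATURES)]
        return sum((rng.random() < p) << i for i, p in enumerate(probs))
    data = [(sample(1), 1) for _ in range(N_RANSOM)] + [(sample(0), 0) for _ in range(N_GOOD)]
    rng.shuffle(data)
    return data

def stratified_folds(data, k=5):
    """Deal each class round-robin so every fold keeps the 582:942 ratio."""
    folds = [[] for _ in range(k)]
    for label in (0, 1):
        for i, row in enumerate(r for r in data if r[1] == label):
            folds[i % k].append(row)
    return folds

def knn_predict(train, bits, k=5):
    """Majority vote of the k nearest training samples by Hamming distance."""
    nearest = sorted(train, key=lambda row: bin(row[0] ^ bits).count("1"))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

def evaluate(data, k_folds=5):
    """Cross-validated accuracy and ransomware recall, next to the majority-class baseline."""
    folds = stratified_folds(data, k_folds)
    n_ransom = sum(label for _, label in data)
    correct = caught = 0
    for i, held_out in enumerate(folds):
        # Train only on the other folds so no held-out sample leaks into training.
        train = [row for j, fold in enumerate(folds) if j != i for row in fold]
        for bits, label in held_out:
            pred = knn_predict(train, bits)
            correct += pred == label
            caught += pred == 1 and label == 1
    return {"accuracy": correct / len(data),
            "ransomware_recall": caught / n_ransom,
            "baseline": max(n_ransom, len(data) - n_ransom) / len(data)}

if __name__ == "__main__":
    print(evaluate(make_dataset()))
```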

Objectives:

1. Classify applications into ransomware and goodware using binary classification with high accuracy.
2. Perform multi-class classification to identify specific ransomware families.
3. Train machine learning models, including KNN, Decision Tree, Logistic Regression, and Random Forest, to enhance classification performance.
4. Achieve 100% accuracy in binary classification and 99% accuracy in multi-class classification.
5. Utilize a dataset of 1,524 samples, consisting of 582 ransomware and 942 goodware, analyzed with Cuckoo Sandbox.
6. Develop the entire project using Python for flexibility and reproducibility.
7. Provide a reliable classification model that enhances malware detection and ransomware family identification.