Open Access

ARTICLE

Detecting Ransomware Using a Hybrid Detection Scheme

David Conway, Paolina Centonze^*

Department of Computer Science, Iona University, New Rochelle, NY 10804, USA

* Corresponding Author: Paolina Centonze. Email:

Journal of Cyber Security 2025, 7, 71-78. https://doi.org/10.32604/jcs.2025.063711

Received 22 January 2025; Accepted 23 April 2025; Issue published 14 May 2025

Abstract

Ransomware is a variant of malicious software that aims to encrypt data or whole systems to lock out the intended users. The attackers then demand a ransom for the decryption key to allow the intended users access to their data or system again. Ransomware attacks have the potential to be used against industries like healthcare and finance, as well as against the public sector, have threatened and forced the operations of key infrastructure used by millions to cease, and extorted millions and millions of dollars from victims. Automated methods have been designed and implemented to detect ransomware within a system, some of which rely on created rules or heuristics to act as a blacklist for software. Others incorporate artificial intelligence, including machine learning models which use previous data to predict whether software is benign or malicious. We attempt to create a hybrid ransomware detection scheme that combines the non-artificial intelligence method of heuristic-based detection with machine learning detection to explore differences in accuracy and speed compared to solely machine learning detection.

---

Keywords

---