Open Access
ARTICLE
Enhancing Ransomware Detection with Machine Learning Techniques and Effective API Integration
1 School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad, 44000, Pakistan
2 Department of Software Convergence, Gyeongbuk National University (Andong National University), Gyeongbuk, 36729, Republic of Korea
* Corresponding Authors: Mehdi Hussain. Email: ; Ki-Hyun Jung. Email:
(This article belongs to the Special Issue: Safe and Secure Artificial Intelligence)
Computers, Materials & Continua 2025, 85(1), 1693-1714. https://doi.org/10.32604/cmc.2025.064260
Received 10 February 2025; Accepted 11 July 2025; Issue published 29 August 2025
Abstract
Ransomware, particularly crypto-ransomware, remains a significant cybersecurity challenge, encrypting victim data and demanding a ransom, often leaving the data irretrievable even if payment is made. This study proposes an early detection approach to mitigate such threats by identifying ransomware activity before the encryption process begins. The method uses two tiers: a signature-based stage that uses hashing techniques to match known threats, and a dynamic behavior-based analysis that leverages Cuckoo Sandbox and machine learning algorithms. A critical feature is the monitoring of the most effective Application Programming Interface (API) calls, which analyzes system-level interactions such as file encryption, key generation, and registry modifications. This enables the detection of both known and zero-day ransomware variants, overcoming limitations of traditional methods. The proposed technique was evaluated using classifiers such as Random Forest, Support Vector Machine, and K-Nearest Neighbors, achieving a detection accuracy of 98% based on 26 key ransomware attributes with an 80:20 training-to-testing ratio and 10-fold cross-validation. By combining minimal feature sets with robust behavioral analysis, the proposed method outperforms existing solutions and addresses current challenges in ransomware detection, thereby enhancing cybersecurity resilience.
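The two tiers described in the abstract, sketched as an added example that is not the authors' code: a SHA-256 lookup against known samples, then a K-Nearest Neighbors vote over API-call frequencies taken from the part of a trace that precedes encryption. The API names chosen as features, the use of `CryptEncrypt` to mark where encryption starts, `k=3`, and all traces and hashes are assumptions constructed for illustration; the paper's 26 attributes are not listed on this page.

```python
import hashlib
import math
from collections import Counter

# Assumed features: Windows API names standing in for the key-generation,
# registry and file behaviours the abstract names. The paper's 26 attributes
# are not listed on this page.
FEATURES = ["CryptAcquireContextW", "CryptGenKey", "RegSetValueExW",
            "FindNextFileW", "ReadFile", "WriteFile"]
ENCRYPT_CALL = "CryptEncrypt"  # assumed marker for the start of encryption
IO_ENC = ["ReadFile", ENCRYPT_CALL, "WriteFile"]

# Constructed signature store (tier 1) and labelled traces (tier 2); 1 = ransomware.
KNOWN_BAD = {hashlib.sha256(b"constructed known-bad sample").hexdigest()}
TRAIN = [
    (["CryptAcquireContextW", "CryptGenKey", "RegSetValueExW"] + ["FindNextFileW"] * 30 + IO_ENC * 5, 1),
    (["CryptAcquireContextW", "CryptGenKey"] + ["FindNextFileW"] * 50 + ["RegSetValueExW"] * 2 + IO_ENC * 5, 1),
    (["RegSetValueExW", "CryptAcquireContextW", "CryptGenKey", "CryptGenKey"] + ["FindNextFileW"] * 20 + IO_ENC * 5, 1),
    (["ReadFile"] * 20 + ["WriteFile"] * 15 + ["RegSetValueExW"] * 2 + ["FindNextFileW"] * 3, 0),
    (["FindNextFileW"] * 10 + ["ReadFile"] * 40, 0),
    (["RegSetValueExW"] * 5 + ["ReadFile"] * 10 + ["WriteFile"] * 10, 0),
]

def pre_encryption(calls):
    """Keep only the calls seen before the first encryption call."""
    return calls[:calls.index(ENCRYPT_CALL)] if ENCRYPT_CALL in calls else calls

def vectorize(calls):
    """Relative frequency of each feature API in the pre-encryption window."""
    window = pre_encryption(calls)
    counts = Counter(window)
    return [counts[f] / max(len(window), 1) for f in FEATURES]

TRAIN_VECS = [(vectorize(calls), label) for calls, label in TRAIN]

def knn_is_ransomware(vec, k=3):
    """Majority vote of the k nearest training traces (Euclidean distance)."""
    nearest = sorted(TRAIN_VECS, key=lambda tv: math.dist(vec, tv[0]))[:k]
    return sum(label for _, label in nearest) * 2 > k

def detect(sample_bytes, calls):
    """Tier 1: hash match against known threats. Tier 2: behaviour model."""
    if hashlib.sha256(sample_bytes).hexdigest() in KNOWN_BAD:
        return ("ransomware", "signature")
    verdict = "ransomware" if knn_is_ransomware(vectorize(calls)) else "benign"
    return (verdict, "behavior")
```

A sample whose hash is unknown falls through to the behaviour tier, which is where a previously unseen variant would be caught.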
Copyright © 2025 The Author(s). Published by Tech Science Press. This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.