Real Time Ransomware Detection and Mitigation Using Machine Learning

Date
2025-06-18
Authors
Bahaa Nofal
Abstract
Ransomware remains one of the most dangerous cybersecurity threats, causing severe damage by encrypting user data and demanding payment. Traditional antivirus systems often fail to detect new or evolving ransomware strains due to their reliance on signature-based detection. In this project, we present an intelligent, real-time ransomware detection and mitigation system that leverages behavioral analysis and machine learning. The system monitors file activities, registry operations, and network behavior using C++ and Windows APIs, and extracts technical features from executable files. These features are then classified using a trained Random Forest model in Python to determine whether a file is benign or malicious. If ransomware is detected, the system takes immediate action to stop the threat before it causes harm. The integration between C++ and Python enables efficient real-time classification, while the system’s modular design ensures extensibility and adaptability to new threats. Our solution was tested on real-world samples in a controlled virtual environment and achieved high accuracy in detecting ransomware before execution.