Abstract
This paper proposes FeSAD, a framework that will allow a machine learning classifier to detect evolutionary ransomware. Ransomware is a critical player in the malware space that causes hundreds of millions of dollars of damage globally and evolves quickly. The evolution of ransomware in machine learning classifiers is often calculated as concept drift. Concept drift is dangerous as changes in the behavior of ransomware can easily lead to misclassifications, and misclassification can harm individuals and businesses. Our proposed framework consists of a feature selection layer, drift calibration layer and drift decision layer that allows a machine learning classifier to detect and classify concept drift samples reliably. We evaluate the FeSAD framework in various concept drift scenarios and observe its ability to detect drifting samples effectively. The FeSAD framework is also evaluated on its ability to extend the lifespan of a classifier. The results obtained by this research show that FeSAD can successfully and reliably classify ransomware and benign samples while under concept drift and can extend the time between retraining.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
