Ransomware Detection and Prevention Using Machine Learning and Honeypots: A Short Review

Abstract

Ransomware is a type of computer malware that is currently widespread and highly dangerous. Ransomware attacks have become a major cybersecurity risk, posing significant risks to individuals and organizations alike. Also, traditional techniques for malware analysis, such as signature matching and heuristics, are no longer viable due to the exponential growth of malware. Researchers have explored various approaches to address this issue, but there is a lack of proper documentation and comparison of existing works. This paper presents an analysis of ransomware detection systems, which is part of an ongoing research project aiming to develop an open-source ransomware detection system to address the identified gaps in the field. To prevent such attacks, it is recommended to regularly backup files and avoid clicking on untrusted email links and attachments. Machine learning has been suggested by researchers as a more effective method of detecting malware. With internet use on the rise, honeypots offer a viable option for reducing security threats and safeguarding classified data from hackers. Honeypots are regarded as valuable resources for thwarting attacks and giving important insight about the origin and behavior of such attacks, which is useful for analysts who conduct such investigations. This paper provides a general view of cybersecurity, machine learning (ML), cyber threats, and honeypot systems towards mitigating system attacks and understanding their origin and behavior. Index Terms— Cybersecurity, Ransomware, Honeypots, Machine Learning, Detection.