Opcodes to Images: A Framework for Early Detection of Ransomware by Utilising Machine Learning Techniques

Abstract

Ransomware is a type of malware that can be used by attackers to encrypt data on a victim’s system and demand a ransom for the key. Ransomware is a devastating problem for individuals and businesses worldwide. The evolving world of technology opens the gates for information to be stolen and destroyed by ransomware, causing massive financial and personal data loss. To mitigate the harmful impact of ransomware, it is crucial to develop solutions that can prevent attacks by detecting them early. The problem with ransomware is that it is often not discovered on a system until it has run and by then it is too late to prevent all the damage it causes. This project addressed the problem by developing a Convolutional Neural Network (CNN) machine learning model trained on images created out of ransomware opcodes that will be able to classify a file as ransomware, detecting it on its way into a system.