Paper 2023/045

A note on machine learning applied in ransomware detection

Manuela Horduna, University Alexandru Ioan Cuza
Simona-Maria Lăzărescu, University Alexandru Ioan Cuza
Emil Simion, Polytechnic University of Bucharest

Ransomware is a malware that employs encryption to hold a victim's data, causing irreparable loss and monetary incentives to individuals or business organizations. The occurrence of ransomware attacks has been increasing significantly and as the attackers are investing more creativity and inventiveness into their threats, the struggle of fighting against ill-themed activities has become more difficult and even time and energy-draining. Therefore, recent researches try to shed some light on combining machine learning with defense mechanisms for detecting this type of malware. Machine learning allows anti-ransomware systems to become more accurate at predicting outcomes or behaviors of the attacks and is vastly used in the advanced research of cybersecurity. In this paper we analyze how machine learning can improve malware recognition in order to stand against critical security issues, giving a brief, yet comprehensive overview of this thriving topic in order to facilitate future research. We also briefly present the most important events of 2022 in terms of ransomware attacks, providing details about the ransoms demanded.

Available format(s)
Publication info
Ransomwaremachine learningmalwarecybersecurity
Contact author(s)
manuela horduna @ gmail com
simona lazarescu @ student uaic ro
emil simion @ upb ro
2023-01-19: approved
2023-01-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {Manuela Horduna and Simona-Maria Lăzărescu and Emil Simion},
      title = {A note on machine learning applied in ransomware detection},
      howpublished = {Cryptology ePrint Archive, Paper 2023/045},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.