<![CDATA[Ransomware remains a rapidly evolving cyber threat, causing substantial financial and operational disruptions globally. Traditional signature-based detection systems are ineffective against sophisticated, zero-day attacks due to their static nature. Consequently, machine learning-based approaches offer a more effective and adaptive alternative. This study proposes an approach utilizing XGBoost for highly effective ransomware detection. We conducted a rigorous comparative analysis of prominent ensemble learning algorithms—XGBoost, Random Forest, Gradient Boosting, and AdaBoost—on the RISS Ransomware Dataset, comprising 1,524 instances. Our experimental results unequivocally demonstrate XGBoost as the superior ensemble model, achieving an impressive 97.60% accuracy and F1-Score. This performance surpassed Gradient Boosting (97.20%), Random Forest (96.94%), and AdaBoost (96.50%). Furthermore, this study benchmarked XGBoost against established state-of-the-art (SOTA) methods, including Support Vector Machine (SVM) and the SA-CNN-IS deep learning approach. The comprehensive results underscore the core contribution of this study: by applying XGBoost with a carefully structured machine learning pipeline, our approach consistently outperforms two state-of-the-art methods (SVM and SA-CNN-IS) as well as other ensemble algorithms. This highlights the critical role of methodological precision in maximizing detection performance against evolving ransomware threats.]]>
Copyrights © 2025
