Enhanced ransomware attacks detection using feature selection, sensitivity analysis, and optimized hybrid model
Guardado en:
| Udgivet i: | Journal of Big Data vol. 12, no. 1 (Nov 2025), p. 245 |
|---|---|
| Hovedforfatter: | |
| Andre forfattere: | , , , |
| Udgivet: |
Springer Nature B.V.
|
| Fag: | |
| Online adgang: | Citation/Abstract Full Text Full Text - PDF |
| Tags: |
Ingen Tags, Vær først til at tagge denne postø!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3268285494 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 2196-1115 | ||
| 024 | 7 | |a 10.1186/s40537-025-01289-1 |2 doi | |
| 035 | |a 3268285494 | ||
| 045 | 2 | |b d20251101 |b d20251130 | |
| 100 | 1 | |a Zhang, Kun |u Hainan Normal University, School of Information Science and Technology, Haikou, China (GRID:grid.440732.6) (ISNI:0000 0000 8551 5345); Hainan University, School of Information and Communication Engineering, Haikou, China (GRID:grid.428986.9) (ISNI:0000 0001 0373 6302); Hainan Normal University, Hainan Engineering Research Center for Smart Education Technology, Haikou, China (GRID:grid.440732.6) (ISNI:0000 0000 8551 5345) | |
| 245 | 1 | |a Enhanced ransomware attacks detection using feature selection, sensitivity analysis, and optimized hybrid model | |
| 260 | |b Springer Nature B.V. |c Nov 2025 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a Problem statementRansomware attacks pose a severe threat to organizations by exploiting security weaknesses, most often leading to colossal economic and information loss. There is a growing need for efficient and accurate predictive models to detect and prevent such attacks in real-time cybersecurity applications.MethodologyThis paper utilizes the UGRansome dataset, which is a large-scale ransomware and zero-day attack detector. The F-measure method is employed in this paper as a novel method for enhancing model interpretability and preventing redundancy. The Histogram Gradient Boosting classifier, which is optimized, is subsequently enhanced with three advanced metaheuristic optimizers. Sensitivity analysis provides transparent insights into the effects of individual attributes through explainable AI. Finally, the Wilcoxon ranking test is applied to ensure the statistical significance of the performance gain, and K-fold cross-validation ensures robustness and generalizability of the reported models. In addition, Recursive Feature Elimination (RFE) is also applied to rank the features to identify the most important predictors methodically. Sensitivity analysis is also performed utilizing SHapley Additive exPlanations (SHAP) values to present explainable and transparent perspectives on individual feature impacts on the model’s output.ResultsThe hybrid models proposed here exhibit significant gains in prediction accuracy, precision, and recall. The feature importance analysis indicates that economic and behavioral features of the network equally contribute to correct ransomware identification.ContributionsThis work introduces an evaluation of a strong and scalable model for ransomware forecasting that enables organizations to predict threats ahead of time and improve their general cybersecurity capabilities. The integration of cutting-edge feature selection with nature-inspired optimization enables the framework to create more accurate models while maintaining interpretability and efficiency. The method is directly translatable to real-world scenarios, including enhancing cloud security, detecting zero-day attacks, and supporting mass-scale automated threat scanning in fluctuating cybersecurity environments. | |
| 653 | |a Medical diagnosis | ||
| 653 | |a Small business | ||
| 653 | |a Machine learning | ||
| 653 | |a Accuracy | ||
| 653 | |a Deep learning | ||
| 653 | |a Trends | ||
| 653 | |a Sensitivity analysis | ||
| 653 | |a Prediction models | ||
| 653 | |a Organizations | ||
| 653 | |a Optimization | ||
| 653 | |a Small & medium sized enterprises-SME | ||
| 653 | |a Classification | ||
| 653 | |a Digital currencies | ||
| 653 | |a Feature selection | ||
| 653 | |a Ransomware | ||
| 653 | |a Malware | ||
| 653 | |a Algorithms | ||
| 653 | |a Outdoor air quality | ||
| 653 | |a Real time | ||
| 653 | |a Cloud computing | ||
| 653 | |a Explainable artificial intelligence | ||
| 653 | |a Cybersecurity | ||
| 653 | |a Heuristic methods | ||
| 653 | |a Big Data | ||
| 653 | |a Measures | ||
| 653 | |a Statistical significance | ||
| 653 | |a Threats | ||
| 653 | |a Redundancy | ||
| 653 | |a Models | ||
| 653 | |a Robustness | ||
| 653 | |a Generalizability | ||
| 653 | |a Classifiers | ||
| 653 | |a Recursion | ||
| 653 | |a Security | ||
| 653 | |a Elimination | ||
| 653 | |a Forecasting | ||
| 700 | 1 | |a Wang, Yetong |u Hainan Vocational University of Science and Technology, Hainan Engineering Research Center for Virtual Reality Technology and Systems, Haikou, China (GRID:grid.440732.6) | |
| 700 | 1 | |a Bhatti, Uzair Aslam |u Hainan University, School of Information and Communication Engineering, Haikou, China (GRID:grid.428986.9) (ISNI:0000 0001 0373 6302) | |
| 700 | 1 | |a Zhou, Yu |u Hainan Normal University, School of Information Science and Technology, Haikou, China (GRID:grid.440732.6) (ISNI:0000 0000 8551 5345); Hainan Normal University, Hainan Engineering Research Center for Smart Education Technology, Haikou, China (GRID:grid.440732.6) (ISNI:0000 0000 8551 5345) | |
| 700 | 1 | |a Jin, Ming |u Hainan Normal University, School of Foreign Languages, Haikou, China (GRID:grid.440732.6) (ISNI:0000 0000 8551 5345) | |
| 773 | 0 | |t Journal of Big Data |g vol. 12, no. 1 (Nov 2025), p. 245 | |
| 786 | 0 | |d ProQuest |t ABI/INFORM Global | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3268285494/abstract/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3268285494/fulltext/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3268285494/fulltextPDF/embedded/7BTGNMKEMPT1V9Z2?source=fedsrch |