A Robust Machine Learning Approach for Intelligent Ransomware Detection in Industrial Control Networks
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V7I2P116
Keywords:
Ransomware Detection, Industrial Control Networks (ICNs), Machine Learning (ML), Cybersecurity, Anomaly Detection, Intelligent Systems, SCADA Security
Abstract
Malicious software (malware) in the form of viruses, ransomware, and spyware has become a global epidemic, and research shows that its impact is intensifying. Numerous approaches have been introduced to date to deal with these hazards. To address this growing problem, this paper proposes an effective Deep Neural Network (DNN) model for precise ransomware detection. The model is very effective at separating malicious from benign samples, with an accuracy, precision, recall, and F1-score of 99.76 and an AUC value of 0.98, which indicates near-perfect classification. The findings show high learning stability and generalization without overfitting, supported by stable training and validation. Compared with current methods, including KNN (83.9%), VGG-16 (90.5%), XGBoost (94.1%), and Logistic Regression (96%), the DNN-based model performed better. Overall, this paper highlights how deep learning can strengthen cybersecurity protection and offer a scalable, intelligent method for countering ransomware attacks in the present digital environment.