ENHANCING RANSOMWARE CLASSIFICATION USING LIGHT WEIGHT MACHINE LEARNING ALGORITHM AND ENSEMBLE METHODS

Authors

  • Victor Uneojo Akuboh Nigeria Defence Academy
  • Olalekan J. Awujoola Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Lasisi A. Monsuru Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Saifulahi S. Shitu Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Amina Adebola Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Catherine A. Abimuku Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Badamasi A. Musa Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.
  • Ejima U. Innocent Department of Cyber Security, Nigeria Defence Academy, Kaduna State, Nigeria.

DOI:

https://doi.org/10.33003/fjs-2026-1005-5000

Keywords:

Ransomware Classification, Lightweight Algorithms, Ensemble Learning, Soft Voting Ensemble

Abstract

The increasing sophistication and frequency of ransomware attacks pose significant challenges to cybersecurity, particularly in resource-constrained environments where computational efficiency is essential. Traditional detection models often struggle to maintain high accuracy while minimizing false positives and computational overhead, limiting their practical deployment in real-time systems. Addressing this challenge, this research aims to develop a lightweight, efficient, and adaptive machine learning framework that enhances ransomware classification by integrating ensemble learning with advanced feature selection techniques. The study’s objectives include designing a soft voting ensemble model that combines multiple high-performing classifiers to improve accuracy and reduce misclassification rates, applying Recursive Feature Elimination (RFE) to systematically identify and retain the most relevant features for improved efficiency and reduced overfitting, and employing Principal Component Analysis (PCA) to compress the feature space into a set of uncorrelated components while preserving critical detection information. The proposed framework was trained and tested on the “Ransomware-All” subset of the CIC-AndMal2017 dataset containing 348,943 samples with 84 features, and its performance was evaluated using accuracy, precision, recall, and F1 score as metrics. Results show that the soft voting ensemble achieved an accuracy of 99.10%, with both precision and recall at 0.989, outperforming all individual classifiers while significantly lowering false positive and false negative rates. These outcomes demonstrate that the integration of lightweight algorithms, ensemble learning, and feature selection offers a robust and scalable solution for ransomware detection, making it highly suitable for deployment in environments such as IoT devices, mobile platforms, and edge computing systems.

References

Akhtar, T., Gilani, S. O., Mushtaq, Z., Arif, S., Jamil, M., Ayaz, Y., ... & Waris, A. (2021). Effective voting ensemble of homogenous ensembling with multiple attribute-selection approaches for improved identification of thyroid disorder. Electronics, 10(23), 3026. https://doi.org/10.3390/electronics10233026

Alazab, M., Khurma, R. A., Camacho, D., & Martín, A. (2024). Enhanced android ransomware classification through Hybrid Simultaneous Swarm-based optimization. Cognitive Computation, 16(5), 2154-2168. https://doi.org/10.1007/s12559-023-10226-w

Aljabri, M., Alhaidari, F., Albuainain, A., Alrashidi, S., Alansari, J., Alqahtani, W., & Alshaya, J. (2024). Ransomware classification based on machine learning using memory features. Egyptian Informatics Journal, 25, 100445. https://doi.org/10.1016/j.eij.2023.100445

Aurangzeb, S., Anwar, H., Naeem, M. A., & Aleem, M. (2022). BigRC-EML: Big-data based ransomware classification using ensemble machine learning. Cluster Computing, 25(5), 3405-3422. https://doi.org/10.1007/s10586-021-03446-4

Bold, R., Al-Khateeb, H., & Ersotelos, N. (2022). Reducing false negatives in ransomware detection: A critical evaluation of machine learning algorithms. Applied Sciences, 12(24), 12941. https://doi.org/10.3390/app122412941

Dargahi, T., Dehghantanha, A., Bahrami, P. N., Conti, M., Bianchi, G., & Benedetto, L. (2019). A cyber-kill-chain based taxonomy of crypto-ransomware features. Journal of Computer Virology and Hacking Techniques, 15(4), 277-305. https://doi.org/10.1007/s11416-018-0321-5

El Hariri, A., Mouiti, M., & Lazaar, M. (2025). Realtime ransomware process classification using an advanced hybrid approach with machine learning within IoT ecosystems. Engineering Research Express, 7(1), 015211. https://doi.org/10.1088/2631-8695/ad1a8f

Esmaeilyfard, R., Shoaei, Z., & Javidan, R. (2025). A lightweight and efficient model for botnet classification in IoT using stacked ensemble learning. Soft Computing, 1–13. https://doi.org/10.1007/s00500-025-11618-x

Fatima, M., Rehman, O., Rahman, I. M., Ajmal, A., & Park, S. J. (2024). Towards ensemble feature selection for lightweight intrusion detection in resource-constrained IoT devices. Future Internet, 16(10), 368. https://doi.org/10.3390/fi16100368

Fernando, D. W., Komninos, N., & Chen, T. (2020). A study on the evolution of ransomware detection using machine learning and deep learning techniques. IoT, 1(2), 551-604. https://doi.org/10.3390/iot1020029

Gupta, G. P., Thakur, T. C., & Dey, A. K. (2023, June). Ransomware classification framework using soft voting-based ensemble learning. In 2023 2nd International Conference on Computational Modelling, Simulation and Optimization (ICCMSO) (pp. 131–136). IEEE. https://doi.org/10.1109/ICCMSO56940.2023.10193354

Gurukala, N. K. Y., & Verma, D. K. (2024). Feature selection using particle swarm optimization and ensemble-based machine learning models for ransomware classification. SN Computer Science, 5(8), 1–18. https://doi.org/10.1007/s42979-024-02884-9

Ispahany, J., Islam, M. R., Islam, M. Z., & Khan, M. A. (2024). Ransomware detection using machine learning: A review, research limitations and future directions. IEEE Access, 12, 68785-68813. https://doi.org/10.1109/ACCESS.2024.3390703

Malik, H. K., Al-Anber, N. J., & Al-Mekhlafi, F. A. (2023). Comparison of feature selection and feature extraction role in dimensionality reduction of big data. Journal of Techniques, 5(1), 184-192. https://doi.org/10.51173/jt.v5i1.988

McIntosh, T., Kayes, A. S. M., Chen, Y. P. P., Ng, A., & Watters, P. (2021). Ransomware mitigation in the modern era: A comprehensive review, research challenges, and future directions. ACM Computing Surveys (CSUR), 54(9), 1-36. https://doi.org/10.1145/3466817

Mienye, I. D., & Sun, Y. (2022). A survey of ensemble learning: Concepts, algorithms, applications, and prospects. IEEE Access, 10, 99129-99149. https://doi.org/10.1109/ACCESS.2022.3205651

Nanga, S., Bawah, A. T., Acquaye, B. A., Billa, M. I., Baeta, F. D., Odai, N. A., ... & Nsiah, A. D. (2021). Review of dimension reduction methods. Journal of Data Analysis and Information Processing, 9(3), 189-231. https://doi.org/10.4236/jdaip.2021.93012

Pemmasani, P. K., & Rock, D. (2023). The impact of ransomware on government agencies: Lessons learned and future strategies. International Journal of Modern Computing, 6(1), 64-74.

Singh, A., Mushtaq, Z., Abosaq, H. A., Mursal, S. N. F., Irfan, M., & Nowakowski, G. (2023). Enhancing ransomware attack classification using transfer learning and deep learning ensemble models on cloud-encrypted data. Electronics, 12(18), 3899. https://doi.org/10.3390/electronics12183899

Usmani, U. A., Happonen, A., & Watada, J. (2022, July). A review of unsupervised machine learning frameworks for anomaly detection in industrial applications. In Science and Information Conference (pp. 158–189). Cham: Springer International Publishing. https://doi.org/10.1007/978-3-031-10467-1_11

Yamany, B., Elsayed, M. S., Jurcut, A. D., Abdelbaki, N., & Azer, M. A. (2022). A new scheme for ransomware classification and clustering using static features. Electronics, 11(20), 3307. https://doi.org/10.3390/electronics11203307

Yan, P., Khoei, T. T., Hyder, R. S., & Hyder, R. S. (2024, October). A dual-stage ensemble approach to detect and classify ransomware attacks. In 2024 IEEE 15th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON) (pp. 781–786). IEEE. https://doi.org/10.1109/UEMCON60529.2024.10723877

Yin, X., Liu, Q., Pan, Y., Huang, X., Wu, J., & Wang, X. (2021). Strength of stacking technique of ensemble learning in rockburst prediction with imbalanced data: Comparison of eight single and ensemble models. Natural Resources Research, 30(2), 1795-1815. https://doi.org/10.1007/s11053-020-09799-3

Zhang, Y., & Wang, Z. (2023). Feature engineering and model optimization based classification method for network intrusion detection. Applied Sciences, 13(16), 9363. https://doi.org/10.3390/app13169363

Downloads

Published

07-03-2026

Issue

Vol. 10 No. 5 (2026): FUDMA Journal of Sciences - Vol. 10 No. 5

Section

Research Articles

Categories

License

Copyright (c) 2026 Victor Uneojo Akuboh, Olalekan J. Awujoola, Lasisi A. Monsuru, Saifulahi S. Shitu, Amina Adebola, Catherine A. Abimuku, Badamasi A. Musa, Ejima U. Innocent

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Akuboh, V. U., Awujoola, O. J., Monsuru, L. A., Shitu, S. S., Adebola, A., Abimuku, C. A., Musa, B. A., & Innocent, E. U. (2026). ENHANCING RANSOMWARE CLASSIFICATION USING LIGHT WEIGHT MACHINE LEARNING ALGORITHM AND ENSEMBLE METHODS. FUDMA JOURNAL OF SCIENCES, 10(5), 278-282. https://doi.org/10.33003/fjs-2026-1005-5000

Most read articles by the same author(s)