├── Photos
    ├── confusion_matrix.png
    ├── header.jpg
    ├── header_img_malware.png
    └── lime.png
├── README.md
├── Ransomware.csv
├── Ransomware.ipynb
├── notebook_to_generate_requirement_file.ipynb
└── requirements.txt


/Photos/confusion_matrix.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mathur99/RansomwareDetection/514e0df368e5253febfcadeb6d436151987275ea/Photos/confusion_matrix.png


--------------------------------------------------------------------------------
/Photos/header.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mathur99/RansomwareDetection/514e0df368e5253febfcadeb6d436151987275ea/Photos/header.jpg


--------------------------------------------------------------------------------
/Photos/header_img_malware.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mathur99/RansomwareDetection/514e0df368e5253febfcadeb6d436151987275ea/Photos/header_img_malware.png


--------------------------------------------------------------------------------
/Photos/lime.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mathur99/RansomwareDetection/514e0df368e5253febfcadeb6d436151987275ea/Photos/lime.png


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Ransomware Detection using Machine Learning

![Ransomware](Photos/header_img_malware.png)


**Goal of this Project**\
Predict ransomware and malware from file properties extracted by a tool. This is a classification problem (supervised machine learning). The data was imbalanced, so it must be rebalanced with synthetic samples (SMOTE-Tomek).


**Highlights**
* ***LazyPredict*** for AutoML [Official Documentation](https://lazypredict.readthedocs.io/en/latest/readme.html#classification)
* LIME for Local Explanations
* Weight of Evidence (feature selection technique based on feature separation power) [Read More](https://www.listendata.com/2015/03/weight-of-evidence-woe-and-information.html)


| ![Ransomware](Photos/lime.png) |
|:--:|
| *LIME Explainability for Local Interpretation* |


**Model Performance on Test Dataset**

| ![Ransomware](Photos/confusion_matrix.png) |
|:--:|
| *Confusion Matrix* |


**Metrics**

Test Data Results:
* Model Used: Random Forest
* Accuracy: 0.9933
* Precision: 0.9847
* Recall: 0.9931
* F1 Score: 0.9889
* MCC: 0.9841
* False Positive Rate: 0.0067
* AUC Score: 0.9994


**Install Libraries using requirements.txt**
```
pip install -r /path/to/requirements.txt
```

--------------------------------------------------------------------------------
/notebook_to_generate_requirement_file.ipynb:
--------------------------------------------------------------------------------
{
 "cells": [
  {
   "cell_type": "code",
   "execution_count": 1,
   "id": "387f61aa-ed0d-43d1-b7a3-edae97f98a85",
   "metadata": {},
   "outputs": [],
   "source": [
    "import json\n",
    "import re\n",
    "\n",
    "# Step 1: Extract imports from the notebook's code cells\n",
    "# (parse the JSON first so the regex sees source lines, not escaped text)\n",
    "with open('./Ransomware.ipynb', 'r') as file:\n",
    "    notebook = json.load(file)\n",
    "code = '\\n'.join(\n",
    "    ''.join(cell['source']) for cell in notebook['cells'] if cell['cell_type'] == 'code'\n",
    ")\n",
    "\n",
    "# Use regex to find the top-level module of each import statement\n",
    "imports = set(re.findall(r'^\\s*import (\\w+)|^\\s*from (\\w+)\\S* import', code, re.M))\n",
    "\n",
    "# Flatten the list of tuples into a set of unique, lower-cased library names\n",
    "libraries = set([item.lower() for sublist in imports for item in sublist if item])\n",
    "\n",
    "# Step 2: Compare with pip freeze\n",
    "pip_freeze = !pip freeze\n",
    "filtered_packages = []\n",
    "\n",
    "for package in pip_freeze:\n",
    "    # The distribution name is the text before '==' or ' @ '\n",
    "    name = re.split(r'==| @ ', package)[0].strip().lower()\n",
    "    # Match the whole name: a prefix test also pulls in unrelated packages\n",
    "    # (numpy would match numpydoc). Imports whose module name differs from the\n",
    "    # distribution name (sklearn vs scikit-learn) still need a manual mapping.\n",
    "    if name in libraries:\n",
    "        filtered_packages.append(package)\n",
    "\n",
    "# Step 3: Write to requirements.txt\n",
    "with open('requirements.txt', 'w') as f:\n",
    "    f.write(\"\\n\".join(filtered_packages))"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "id": "6b53bc04-e6a5-48f5-a4e4-f94a25479554",
   "metadata": {},
   "outputs": [],
   "source": []
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "Python 3 (ipykernel)",
   "language": "python",
   "name": "python3"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 3
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
   "version": "3.11.7"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 5
}

--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
aiobotocore @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_bba52b0nnu/croot/aiobotocore_1701291516116/work
aiohttp @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_b1m9c8aqie/croot/aiohttp_1707342290832/work
aioitertools @ file:///tmp/build/80754af9/aioitertools_1607109665762/work
aiosignal @ file:///tmp/build/80754af9/aiosignal_1637843061372/work
alabaster @ file:///home/ktietz/src/ci/alabaster_1611921544520/work
altair @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_a8x4081_4h/croot/altair_1687526044471/work
anaconda-anon-usage @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_ca68ugx5h9/croot/anaconda-anon-usage_1697038938120/work
anaconda-catalogs @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_e8tmw882qa/croot/anaconda-catalogs_1685727305051/work
anaconda-client @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_4fl23009pr/croot/anaconda-client_1708640644054/work
anaconda-cloud-auth @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_f31ldbbwyn/croot/anaconda-cloud-auth_1697462723029/work
anaconda-navigator @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_f8upxzc9nj/croot/anaconda-navigator_1704813291659/work
anaconda-project @ file:///Users/cbousseau/work/recipes/ci_py311/anaconda-project_1677964558977/work
antlr-denter==1.3.1
antlr4-python3-runtime==4.9.3
anyio @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_a17a7759g2/croot/anyio_1706220182417/work
appdirs==1.4.4
applaunchservices @ file:///Users/cbousseau/work/recipes/ci_py311/applaunchservices_1677955996025/work
appnope @ file:///Users/cbousseau/work/recipes/ci_py311/appnope_1677917710869/work
appscript @ file:///Users/cbousseau/work/recipes/ci_py311/appscript_1677956964648/work
archspec @ file:///croot/archspec_1709217642129/work
argon2-cffi @ file:///opt/conda/conda-bld/argon2-cffi_1645000214183/work
argon2-cffi-bindings @ file:///Users/cbousseau/work/recipes/ci_py311/argon2-cffi-bindings_1677915727169/work
arrow @ file:///Users/cbousseau/work/recipes/ci_py311/arrow_1677931434012/work
astroid @ file:///Users/cbousseau/work/recipes/ci_py311/astroid_1677926110661/work
astropy @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_6bsitngidh/croot/astropy_1697468943967/work
asttokens @ file:///opt/conda/conda-bld/asttokens_1646925590279/work
async-lru @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_02efro5ps8/croot/async-lru_1699554529181/work
atomicwrites==1.4.0
attrs @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_224434dqzl/croot/attrs_1695717839274/work
automata-lib==8.2.0
autopep8 @ file:///opt/conda/conda-bld/autopep8_1650463822033/work
numpy @ file:///private/var/folders/k1/30mswbxs7r1g6zwn8y4fyt500000gp/T/abs_a51i_mbs7m/croot/numpy_and_numpy_base_1708638620867/work/dist/numpy-1.26.4-cp311-cp311-macosx_11_0_arm64.whl#sha256=3d90dd3382cff7becb2384f73058a8e72b81c697e8bb77f1c69a82caca5b0c57
numpydoc @ file:///Users/cbousseau/work/recipes/ci_py311/numpydoc_1677960919550/work
pandas @ file:///private/var/folders/nz/j6p8yfhx1mv_0grj5xl4650h0000gp/T/abs_82r7p4atwy/croot/pandas_1702318000240/work/dist/pandas-2.1.4-cp311-cp311-macosx_11_0_arm64.whl#sha256=63b9f12c34b6c55958dc1c6d032dafd28dc982c5e3a7b0f2802ba7920c95f437
seaborn @ file:///Users/cbousseau/work/recipes/ci_py311/seaborn_1677961968762/work

--------------------------------------------------------------------------------
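The requirements.txt above mixes `==` pins with `name @ file:///...` entries that point at build directories on the machine where `pip freeze` ran, so `pip install -r` cannot resolve them anywhere else. The following is an added example, not part of the repository: it classifies each line and recovers a `name==version` pin where the path ends in a wheel filename. The function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlparse

# Constructed sample in the shape `pip freeze` emits inside a conda environment.
SAMPLE = """\
appdirs==1.4.4
alabaster @ file:///home/builder/ci/alabaster_0000000000000/work
numpy @ file:///tmp/b/work/dist/numpy-1.26.4-cp311-cp311-macosx_11_0_arm64.whl#sha256=CONSTRUCTED
requests
"""

WHEEL_RE = re.compile(r"^(?P<dist>[A-Za-z0-9_.]+)-(?P<ver>[0-9][^-]*)-.*\.whl$")
PIN_RE = re.compile(r"^([A-Za-z0-9_.-]+)==(\S+)$")


def normalize(name):
    """PEP 503 name normalization, so numpy_base and numpy-base compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def audit_line(line):
    """Classify one requirement line as (name, status, suggested_pin_or_None)."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    if " @ " in line:
        name, url = (part.strip() for part in line.split(" @ ", 1))
        parsed = urlparse(url)
        if parsed.scheme != "file":
            return (name, "direct-url", None)
        # A path that ends in a wheel filename still carries the version.
        wheel = WHEEL_RE.match(unquote(parsed.path).rsplit("/", 1)[-1])
        if wheel and normalize(wheel["dist"]) == normalize(name):
            return (name, "local-path", f"{name}=={wheel['ver']}")
        return (name, "local-path", None)
    pin = PIN_RE.match(line)
    if pin:
        return (pin[1], "pinned", line)
    return (line, "unpinned", None)


def audit(text):
    """Audit every non-empty, non-comment line of a requirements file."""
    return [r for r in map(audit_line, text.splitlines()) if r]


if __name__ == "__main__":
    for name, status, pin in audit(SAMPLE):
        print(f"{name:10} {status:11} {pin or 'version must come from the source environment'}")
```

Entries that come back without a suggested pin need their version read from the environment that produced the file, for example with `pip list --format=freeze`.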