earticle

영어

In an effort to raise funds, North Korea now performs hacking assaults against the world's financial institutions. More specifically, the North Korean hackers demand money to decrypt the files they created, and since these transactions are handled anonymously, it is difficult to identify them. Therefore, this research uses the BitcoinHeist dataset to identify cryptocurrency-related ransomware. We construct the experiment with two distinct steps: classification and anomaly detection. The XG boosting technique achieved a 100% accuracy score in the first experiment. Even though anomaly detection methods were used in the second trial for detection, they only managed to get a precision score of 50%, whereas XG boosting produced 92%. These tests indicate that the machine learning method for ransomware detection is effective. This study excels in classification and anomaly detection, which is especially noteworthy given that another paper recently classified ransomware variants except for the "white" designation.