An automated approach to analysis and classification of Crypto-ransomwares’ family

Article Type:
Research/Original Article (Promotional)
Abstract:

There is no doubt that malicious programs are one of the permanent threats to computer systems. Malicious programs disrupt the normal operation of computer systems to serve their malicious purposes. Among them is a type of malware known as ransomware, which restricts victims' access to their computer systems either by encrypting the victim's files or by locking the system. Unlike other malware families, ransomware families explicitly alert victims to their presence on the computer system. Although ransomware is a serious problem for computers, it can be detected through the limited footprints it leaves on victims' computers. In this research, we provide a ransomware monitoring system which requires special environments to extract the malware's filesystem activities. A set of features based on filesystem activities is extracted to classify ransomware families with an accuracy of 98% by applying a machine learning technique.

Language:
Persian
Published:
Journal Monadi for Cyberspace Security (AFTA), Volume:8 Issue: 2, 2020
Pages:
75 to 88
https://www.magiran.com/p2205649