Open Access Open Access  Restricted Access Subscription Access

Ransomware Classification Using LeNet-5 Convolutional Neural Networks

Ping Wang,
Wei-Qian Hong,
Dong-Lin Tsai,
Ming-Sheng Jhou,


Recently, the ransomware were installed thru the use of malicious links and downloads, that kidnapped important files of organizations for money blackmail or bitcoins, especially focused on commercial banks and medical services, and public companies. Consequently, it raised a high crisis of information security management for corporates. Accordingly, the present study proposes a formal concept analysis-based security management system for Ransomware detection with malware sandbox analysis platform by analyzing the bahivoral features of malware. Then, using LeNet-5 Convolutional Neural Networks to learn the behavior of the ransomware classes for classify the pattern by using behavior characteristic matrix of the ransomware. Experimental data show that our model is capable of performing the missions including of i) explicitly identifying the mapping relations between Ransomware classes and their behavioral features, ii) As a basis of detection rules for network intrusion detection to classify the Ransomware families and their variations, and (iii) assist manager detect the malicious intrusion or illegal downloads for Ransomware from cyber threats with high accuracy and low false rate.

Citation Format:
Ping Wang, Wei-Qian Hong, Dong-Lin Tsai, Ming-Sheng Jhou, "Ransomware Classification Using LeNet-5 Convolutional Neural Networks," Communications of the CCISA, vol. 26, no. 2 , pp. 21-48, May. 2020.

Full Text:



  • There are currently no refbacks.

Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)