Identification of Ransomware Attacks based on main Processor along with Usage Data
Abstract
Ransomware presents a critical cyber security challenge by encrypting files and rendering affected systems inoperable. Conventional detection techniques, such as heuristic and signature-based approaches, often fail to recognize newly emerging ransomware variants. This research introduces a machine learning-based detection model that utilizes processor performance metrics and disk usage patterns to efficiently identify ransomware threats. By continuously monitoring hardware performance counters (HPC) and disk input/output operations, the system enables early threat detection with minimal computational overhead. Experimental results indicate that the Random Forest classifier outperforms all other evaluated models, achieving the highest accuracy and detecting ransomware within 400 milliseconds with a 0.98 probability. The proposed method offers a scalable, real-time detection system suitable for virtualized environments.
