Run Yu

and 6 more

Dynamic Behavioral Profiling (DBP) presents a novel approach for enhancing ransomware detection through continuous, adaptive monitoring of system behaviors, effectively addressing limitations inherent in static and heuristic-based methods. DBP operates through a multi-stage system architecture, enabling real-time analysis of deviations from baseline behaviors, which are indicative of ransomware activities across various operational phases. Employing techniques such as adaptive thresholding, entropy-based analysis, and time-series modeling, DBP identifies anomalies associated with encryption processes, high-frequency file modifications, and system anomalies linked to ransomware, providing a robust mechanism for early threat detection. Extensive evaluations of DBP reveal significant improvements in detection accuracy, particularly against polymorphic variants, achieving a high level of resilience in identifying unknown threats that evade signature-based methods. Furthermore, DBP demonstrates low false-positive rates, achieving a balance between sensitivity to ransomware indicators and specificity for benign anomalies. By managing computational overhead and optimizing resource consumption across different network conditions, DBP maintains operational efficiency suitable for largescale implementation in diverse cybersecurity environments. Through an analysis of DBP's performance metrics-detection accuracy, false positives, latency, and resource utilization-the results substantiate DBP's applicability as a scalable, effective solution in mitigating ransomware threats within complex and dynamic digital infrastructures.