Surveying Hybrid Intelligence Approaches that Combine Honeypots and AI for Ransomware Defence in Critical Infrastructure

Article Sidebar

PDF
Published: 30-03-2026
DOI: https://doi.org/10.35940/ijrte.F8343.14060326
Keywords:
Ransomware, Honeypot, Artificial Intelligence, Machine Learning, Cybersecurity, Critical Networks

Main Article Content

Ibrahim Shaikh
MS. (Cybersecurity) Student, Department of Information Technology, University of Mumbai, Vidyanagri, Kalina, Santacruz, Mumbai, (Maharashtra), India.
Omkar Nachare
MS. (Cybersecurity) Student, Department of Information Technology, University of Mumbai, Vidyanagri, Kalina, Santacruz, Mumbai, (Maharashtra), India.
Srivaramangai Ramanujam
Professor, Department of Information Technology, University of Mumbai, Vidyanagri, Kalina, Santacruz, Mumbai, (Maharashtra), India.
https://orcid.org/0000-0003-2723-6067

Abstract

Ransomware is a rapidly increasing hazard to essential networks, including the health care, finance, energy, and government sectors. Traditional security solutions have shown deficiencies in their ability to rapidly recognise zero-day ransomware attacks. This research project proposes a hybrid artificial intelligence-honeypot framework for proactive detection and mitigation of ransomware within critical infrastructure. Honeypot-based security technologies will be combined with artificial intelligence-based behavioural analysis of attackers to identify potential ransomware signatures at the earliest possible stage. Machine learning algorithms provide continuous estimates of file system interactions, network traffic patterns, and system calls captured in honeypot environments to detect and profile malicious behaviour. This research will contribute to the effectiveness of combining deception-based security measures with AI-based behavioural models, thus enhancing the resiliency of ransomware defence solutions in critical infrastructure.

Downloads

Download data is not yet available.

Article Details

Issue

Vol. 14 No. 6 (2026): Volume-14 Issue-6, March 2026

Section

Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

CC-BY-NC-ND 4.0

How to Cite

[1]
Ibrahim Shaikh, Omkar Nachare, and Srivaramangai Ramanujam , Trans., “Surveying Hybrid Intelligence Approaches that Combine Honeypots and AI for Ransomware Defence in Critical Infrastructure”, IJRTE, vol. 14, no. 6, pp. 1–6, Mar. 2026, doi: 10.35940/ijrte.F8343.14060326.
Share |
Crossref
Scopus
Google Scholar
Europe PMC

References

N. Scaife, H. Carter, P. Traynor and K. R. B. Butler, "CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data," 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), Nara, Japan, 2016, pp. 303-312,https://ieeexplore.ieee.org/document/7536529

Venkatesh Kodela, “Predictive Analytics for Ransomware Attacks: Leveraging AI to Forecast Threats”, Int J Intell Syst Appl Eng, vol. 12, no. 22s, pp. 66, Sep. (2024). DOI: https://ijisae.org/index.php/IJISAE/article/view/6394

Sgandurra, D., Muñoz-González, L., Mohsen, R., & Lupu, E. C, “Automated dynamic analysis of ransomware: Behavioural patterns and detection”, IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10 Sep (2016), v1, pp. 1-12 DOI: https://doi.org/10.48550/arXiv.1609.03020

V. Mathane and P. Lakshmi, “Predictive Analysis of Ransomware Attacks using Context-aware AI in IoT Systems,” International Journal of Advanced Computer Science and Applications, vol. 12, no. 4, (2021). DOI: https://doi.org/10.14569/IJACSA.2021.0120432

Cabaj, K., Gregorczyk, M., & Mazurczyk, W. (2018). Network activity analysis of CryptoLocker ransomware. IEEE Security & Privacy, 16(6), 70–77. DOI: https://doi.org/10.1016/j.compeleceng.2017.10.012

Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A survey on honeypot software and data analysis. IEEE Communications Surveys & Tutorials, 18(3), 1797-1824. DOI: https://doi.org/10.48550/arXiv.1608.06249

Albshaier, L., Alhussein, M., & Alqahtani, S. (2024). Early decision on ransomware identification using machine learning techniques: information (MDPI), 15(8). DOI: https://doi.org/10.3390/info15080484

Lee, J. (2025). A machine learning-based ransomware detection using manipulated entropy features. Sensors (MDPI), 25(8).DOI: https://doi.org/10.3390/s25082406

Alzakari, S. A., Aljuhani, A., & Rizwan, M. (2025). Multi-head attention-based recurrent neural network with enhanced optimization for ransomware detection. Scientific Reports (Nature). DOI: https://doi.org/10.1038/s41598-025-92711-4

Er. Kritika, “A comprehensive literature review on ransomware detection using deep learning, Cyber Security and Applications”, Volume 3, 2025, 100078, ISSN 2772-9184.DOI: https://doi.org/10.1016/j.csa.2024.100078

Iqbal, Muhammad Junaid and Ruiz, Jordi Serra, “AI-Powered Ransomware Detection: A Comprehensive Survey on Machine Learning and Deep Learning Techniques”, 2025.

SSRN: https://ssrn.com/abstract=5355456 or DOI: http://dx.doi.org/10.2139/ssrn.5355456

Higuchi, K., Yamaguchi, Y., & Sakurai, K. “ROFBSα: Real-time backup and ransomware detection architecture”. April 22, 2025. arXiv:2504.14162v1 [cs.CR]DOI: https://doi.org/10.48550/arXiv.2504.14162

AlQahtan, N. “HoneyLite: A Lightweight Honeypot Security Solution for SMEs. Sensors 2025, 25(16), 5207. EISSN 1424-8220, Published by MDPI DOI: https://doi.org/10.3390/s25165207

M. Dodson, A. Beresford, and M. Vingaard, “Using Global Honeypot Networks to Detect Targeted ICS Attacks,” in 2020 12th International Conference on Cyber Conflict (CyCon), Tallinn, Estonia, (2020), pp. 275-291. DOI: https://doi.org/10.23919/CyCon49761.2020.9131734

NIST. “Incident Response Recommendations and Considerations for Cybersecurity Risk Management”. NIST Special Publication 800 NIST SP 800-61r3. April 2025. DOI: https://doi.org/10.6028/NIST.SP.800-61r3

Nada Lachtar, Duha Ibdah, Hamza Khan, and Anys Bacha. 2021. RansomShield: A Visualisation Approach to Defending Mobile Systems Against Ransomware. In ACM Transactions on Privacy and Security. ACM, New York, NY, USA, 29 pages. DOI: https://doi.org/10.1145/3579822

Homayoun, S., Dehghantanha, A., Ahmadzadeh, M., Hashemi, S., & Khayami, R. (2017). Know abnormal, find evil: Frequent pattern mining for ransomware threat hunting and intelligence. IEEE Transactions on Emerging Topics in Computing, 8(2), 341–351.DOI: https://doi.org/10.1109/TETC.2017.2756908

Continella, A., Guagnelli, A., Zingaro, G., et al. (2016). ShieldFS: A self-healing, ransomware-aware file system. ACM Asia Conference on Computer and Communications Security. DOI: https://doi.org/10.1145/2991079.2991110

Kolodenker, E., Koch, W., Stringhini, G., & Egele, M. (2017). PayBreak: Defence against cryptographic ransomware. ACM Asia Conference on Computer and Communications Security. DOI: https://doi.org/10.1145/3052973.3053035

Omar Shamil Ahmed, Omar Abdulmunem Ibrahim Al-Dabbagh, Journal of Education and Science 30(5): 86-102 (2021). Ransomware Detection System Based on Machine Learning DOI: https://doi.org/10.33899/edusj.2021.130760.1173

L. H. Purnama and D. H. Prasetyo, “Effectiveness of Artificial Intelligence-Based Adaptive Honeypots in Cyber Threat Detection: A Systematic Literature Review and Meta-Analysis,” Jurnal Sisfokom (Sistem Informasi dan Komputer), vol. 14, no. 4, pp. 123-145, 2025. DOI: https://doi.org/10.32736/sisfokom.v14i4.2403

Most read articles by the same author(s)

<< < 2 3 4 5 6 7 8 9 10 11 > >>