Original Article

Ransomware Threat Detection and Automated Response System Using Wazuh and Python

Mohan S¹, Pradeep G², Madhuravel P³, Deepakumaar R⁴, J. Dhivya⁵
¹ ² ³ ⁴ Department of Computer Science and Engineering (Cyber Security), United Institute of Technology, Coimbatore, Tamil Nadu, India.
⁵ Assistant Professor, United Institute of Technology, Coimbatore, Tamil Nadu, India.

Published Online: May-August 2026

Pages: 270-275

