Triple-Layer Bayesian Euclidean Curve Algorithm for Automated Ransomware Classification | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Triple-Layer Bayesian Euclidean Curve Algorithm for Automated Ransomware Classification Nathaniel Njeri, Oliver Ivanov, Samuel Rodriguez, Annabelle Richardson, and 1 more This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-5232479/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract Ransomware attacks have emerged as a significant threat in cybersecurity, exploiting vulnerabilities across various systems and infrastructures. The need for highly accurate, automated classification techniques has become paramount to combat the rapid evolution of ransomware. The Triple-Layer Bayesian Euclidean Curve Algorithm offers a novel approach by combining probabilistic inference with distance-based methods, enabling more precise identification of ransomware families even when dealing with complex or overlapping feature spaces. Through its multi-layered structure, the algorithm refines classification decisions incrementally, significantly reducing misclassification rates, particularly for ransomware samples that employ obfuscation or other evasion techniques. Evaluation results demonstrate the algorithm’s superior performance in terms of precision, recall, and accuracy compared to traditional machine learning models, while also exhibiting strong generalization capabilities for unseen ransomware variants. This methodology addresses key challenges in ransomware classification by improving both detection accuracy and the algorithm's adaptability to emerging threats, presenting a robust solution to the growing problem of ransomware in cybersecurity. Computer Architecture and Engineering ransomware Bayesian inference classification Euclidean distance machine learning Full Text Additional Declarations The authors declare no competing interests. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-5232479","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":364114926,"identity":"17f3ceb0-73bc-4772-83ad-f895020f1fb4","order_by":0,"name":"Nathaniel Njeri","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA2klEQVRIie3QsQrCMBCA4QsH7VLpmkV9hUpBERRfpUWok7g6BoRMimt9iz5C4TAuAVcHFxGcHAQXhw6SSXBoMwrm3y7cN1wAXK6frARIIt75THZkOYoB0JqYdJYKazJgpB4XSbMtX6jHqzp3wad9UUeGQk3zVNJ8tybcbeStJ4IsO9WRqNQxGFIcVggtQUzwoN9Ajk9DZhNCZFVFEwuiERKdJZG/Qgw8Si2Iis0n93JNMbblbSobbznRlb0i3g3z9Mru1Xm89UnVEuDl14NXu24KReOKy+Vy/XtvpC9SdcdGYjoAAAAASUVORK5CYII=","orcid":"https://orcid.org/0009-0005-7641-5338","institution":"","correspondingAuthor":true,"prefix":"","firstName":"Nathaniel","middleName":"","lastName":"Njeri","suffix":""},{"id":364114927,"identity":"0a006d96-1bc4-4aca-adcd-46e854efd2c6","order_by":1,"name":"Oliver Ivanov","email":"","orcid":"","institution":"","correspondingAuthor":false,"prefix":"","firstName":"Oliver","middleName":"","lastName":"Ivanov","suffix":""},{"id":364114928,"identity":"1ad1639c-83d9-43fd-83f7-f2e53803bbb2","order_by":2,"name":"Samuel Rodriguez","email":"","orcid":"","institution":"","correspondingAuthor":false,"prefix":"","firstName":"Samuel","middleName":"","lastName":"Rodriguez","suffix":""},{"id":364114929,"identity":"73772c36-b1eb-46dd-b465-9464c26b7571","order_by":3,"name":"Annabelle Richardson","email":"","orcid":"","institution":"","correspondingAuthor":false,"prefix":"","firstName":"Annabelle","middleName":"","lastName":"Richardson","suffix":""},{"id":364114930,"identity":"424be227-55c6-48f6-bfb6-75e7fb8eeeb9","order_by":4,"name":"Catherine Delgado","email":"","orcid":"","institution":"","correspondingAuthor":false,"prefix":"","firstName":"Catherine","middleName":"","lastName":"Delgado","suffix":""}],"badges":[],"createdAt":"2024-10-09 12:22:26","currentVersionCode":1,"declarations":{"humanSubjects":false,"vertebrateSubjects":false,"conflictsOfInterestStatement":false,"humanSubjectEthicalGuidelines":false,"humanSubjectConsent":false,"humanSubjectClinicalTrial":false,"humanSubjectCaseReport":false,"vertebrateSubjectEthicalGuidelines":false},"doi":"10.21203/rs.3.rs-5232479/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-5232479/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":66363128,"identity":"426bdff4-5d07-463b-a95d-ef14e64a4364","added_by":"auto","created_at":"2024-10-11 02:17:21","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":207129,"visible":true,"origin":"","legend":"","description":"","filename":"3821.pdf","url":"https://assets-eu.researchsquare.com/files/rs-5232479/v1_covered_cbec83b2-dafb-4740-a12b-ed14c9699a75.pdf"}],"financialInterests":"The authors declare no competing interests.","formattedTitle":"\u003cp\u003eTriple-Layer Bayesian Euclidean Curve Algorithm for Automated Ransomware Classification\u003c/p\u003e","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":true,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"ransomware, Bayesian inference, classification, Euclidean distance, machine learning","lastPublishedDoi":"10.21203/rs.3.rs-5232479/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-5232479/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eRansomware attacks have emerged as a significant threat in cybersecurity, exploiting vulnerabilities across various systems and infrastructures. The need for highly accurate, automated classification techniques has become paramount to combat the rapid evolution of ransomware. The Triple-Layer Bayesian Euclidean Curve Algorithm offers a novel approach by combining probabilistic inference with distance-based methods, enabling more precise identification of ransomware families even when dealing with complex or overlapping feature spaces. Through its multi-layered structure, the algorithm refines classification decisions incrementally, significantly reducing misclassification rates, particularly for ransomware samples that employ obfuscation or other evasion techniques. Evaluation results demonstrate the algorithm’s superior performance in terms of precision, recall, and accuracy compared to traditional machine learning models, while also exhibiting strong generalization capabilities for unseen ransomware variants. This methodology addresses key challenges in ransomware classification by improving both detection accuracy and the algorithm's adaptability to emerging threats, presenting a robust solution to the growing problem of ransomware in cybersecurity.\u003c/p\u003e","manuscriptTitle":"Triple-Layer Bayesian Euclidean Curve Algorithm for Automated Ransomware Classification","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-10-11 02:09:14","doi":"10.21203/rs.3.rs-5232479/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"806c6663-4175-4f44-9fbc-e81388f53363","owner":[],"postedDate":"October 11th, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[{"id":38736425,"name":"Computer Architecture and Engineering"}],"tags":[],"updatedAt":"2024-10-11T02:09:14+00:00","versionOfRecord":[],"versionCreatedAt":"2024-10-11 02:09:14","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-5232479","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-5232479","identity":"rs-5232479","version":["v1"]},"buildId":"qtupq5eGEP_6zYnWcrvyt","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}
Text is read by the "Ask this paper" AI Q&A widget below.
Extraction quality varies by source — PMC NXML preserves structure
cleanly, OA-HTML may include some navigation residue, and OA-PDF can
have broken hyphenation. The publisher copy
(via DOI)
is the canonical version.