An FPGA-Accelerated Decision Tree Model for Ransomware Detection in Pervasive Environments

Resumo


Ransomware poses a threat to pervasive computing environments, where resource-constrained devices require low-latency detection mechanisms. This work presents an FPGA-based hardware classifier that translates a trained decision tree into a fixed-point combinational architecture, enabling deterministic single-cycle inference. The proposed architecture achieves up to 99% accuracy with a constant latency of 20 ns per sample. Compared to a software-based ML implementation, the FPGA solution delivers speedups of up to 2.46 × 103 while utilizing less than 1% of the available logic elements, demonstrating the feasibility of ransomware detection in resource-constrained environments.

Referências

Alcolea, A. and Resano, J. (2021). Fpga accelerator for gradient boosting decision trees. Electronics, 10(3):314.

Alraizza, A. and Algarni, A. (2023). Ransomware detection using machine learning: A survey. Big Data and Cognitive Computing, 7(3):143.

Alwashali, A. A. M. A., Abd Rahman, N. A., and Ismail, N. (2021). A survey of ransomware as a service (raas) and methods to mitigate the attack. In 2021 14th International Conference on Developments in eSystems Engineering (DeSE), pages 92–96. IEEE.

Alzahrani, S., Xiao, Y., Asiri, S., Zheng, J., and Li, T. (2025). A survey of ransomware detection methods. IEEE Access.

Anand, P. M., Charan, P. S., and Shukla, S. K. (2023). Hiper-early detection of a ransomware attack using hardware performance counters. Digital Threats: Research and Practice, 4(3):1–24.

Azmoodeh, A., Dehghantanha, A., Conti, M., and Choo, K.-K. R. (2018). Detecting crypto-ransomware in iot networks based on energy consumption footprint. Journal of Ambient Intelligence and Humanized Computing, 9(4):1141–1152.

Canadian Institute for Cybersecurity (2022). CIC-MalMem-2022 Dataset. [link]. Accessed: 10-10-2025.

Gajjar, A., Kashyap, P., Aysu, A., Franzon, P., Choi, Y., Cheng, C., Pedretti, G., and Ignowski, J. (2024). Rd-faxid: Ransomware detection with fpga-accelerated xgboost. ACM Transactions on Reconfigurable Technology and Systems, 17(4):1–33.

Haque, M. and Ahamed, S. I. (2006). Security in pervasive computing: Current status and open issues. International Journal of Network Security.

Humayun, M., Jhanjhi, N. Z., Alsayat, A., and Ponnusamy, V. (2021). Internet of things and ransomware: Evolution, mitigation and prevention. Egyptian Informatics Journal, 22(1):105–117.

Kulaga, R. and Gorgon, M. (2014). Fpga implementation of decision trees and tree ensembles for character recognition in vivado hls. Image Processing & Communications, 19(2-3):71.

Kusuma, R. S., Umar, R., and Riadi, I. (2021). Network forensics against ryuk ransomware using trigger, acquire, analysis, report, and action (taara) method. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control.

Lipovskỳ, R., Štefanko, L., and Braniša, G. (2016). The rise of android ransomware.

Makrani, H. M., He, Z., Rafatirad, S., and Sayadi, H. (2022). Accelerated machine learning for on-device hardware-assisted cybersecurity in edge platforms. In 2022 23rd International Symposium on Quality Electronic Design (ISQED), pages 77–83. IEEE.

Malik, V., Khanna, A., Sharma, N., et al. (2024). Trends in ransomware attacks: analysis and future predictions. International Journal of Global Innovations and Solutions (IJGIS).

Mohurle, S. and Patil, M. (2017). A brief study of wannacry threat: Ransomware attack 2017. International journal of advanced research in computer science, 8(5).

Ngo, D.-M., Temko, A., Murphy, C. C., and Popovici, E. (2021). Fpga hardware acceleration framework for anomaly-based intrusion detection system in iot. In 2021 31st International conference on field-programmable logic and applications (FPL), pages 69–75. IEEE.

Oz, H., Aris, A., Levi, A., and Uluagac, A. S. (2022). A survey on ransomware: Evolution, taxonomy, and defense solutions. ACM Computing Surveys (CSUR), 54(11s):1–37.

Park, J. H., Singh, S. K., Salim, M. M., Azzaoui, A. E., and Park, J. H. (2022). Ransomware-based cyber attacks: A comprehensive survey. Journal of Internet Technology, 23(7):1557–1564.

Satyanarayanan, M. (2002). Pervasive computing: Vision and challenges. IEEE Personal communications, 8(4):10–17.
Publicado
19/07/2026
CRUVINEL, Camilly de Melo; ROCHA, Radharani Santos; QUINCOZES, Camilla Charão Borchhardt; MOLINOS, Diego Nunes. An FPGA-Accelerated Decision Tree Model for Ransomware Detection in Pervasive Environments. In: SIMPÓSIO BRASILEIRO DE COMPUTAÇÃO UBÍQUA E PERVASIVA (SBCUP), 18. , 2026, Gramado/RS. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2026 . p. 46-57. ISSN 2595-6183. DOI: https://doi.org/10.5753/sbcup.2026.21471.