The primary aim of this research was to identify ransomware by monitoring network traffic data from payment systems. The specific research questions include exploring network traffic types that trigger abnormality, system behavior that reveals the presence of malware, and security system performance to stop malware. The research methodology involved a quantitative method in which simulation was done using Python Jupyter Notebook to identify possible issues when assessing malware in network traffic data.

A key finding from the simulation was that the model created had an accuracy of at least 98.7% in detecting malware in network traffic data. However, the simulation also revealed high false negative rates, and it was noted that malware used legitimate file extensions to infiltrate the payment systems, causing delays and disruption of operations. Moreover, the research showed that the performance of security systems could be enhanced by installing relevant security software such as firewalls and antivirus software, as well as by educating users on appropriate cybersecurity behavior. One limitation noticed was that the study was conducted in a controlled environment, which means that certain real-life risks related to ransomware attacks may not have been considered.

One recommendation made from the study is that alternative machine learning tools, such as Bayes network, K-nearest neighbor, and multilayer perceptron, should be considered when developing future ransomware detection systems to determine whether they have higher accuracy.