Behavioral analysis of ransomware threats to ESXi Hypervisors: a machine learning-based predictive model
Article Sidebar
Issue Vol. 38 (2026)
-
Comparative analysis of Next.js and Astro frameworks
1-5
-
Behavioral analysis of ransomware threats to ESXi Hypervisors: a machine learning-based predictive model
6-10
-
Performance and usability evaluation of a VR virtual museum application
11-18
-
Comparative analysis of selected data visualization methods
19-25
-
A performance comparison of web programming interfaces: GraphQL, gRPC and Thrift
26-31
-
A review of security mechanisms in electronic payment systems
32-42
-
Clustering methods in machine learning
43-50
-
Comparative analysis of interpretable artificial intelligence methods
51-58
-
Comparative analysis of machine learning classifiers
59-65
-
Analysis of the impact of machine learning algorithms on the quality of generated sounds
66-72
-
Comparative analysis of the functionalities of applications supporting the self-control process of anticoagulation therapy
73-80
-
Application of machine learning for predicting Formula 1 race results
81-86
-
Analysis of latency reduction and performance improvement methods in selected VR applications
87-94
-
Integrating deep learning image analysis into Web GIS applications: A Hybrid Flask - Spring Boot architecture for automated place detection
95-101
Main Article Content
DOI
Sustainable Development Goals (SDG)
- Industry, Innovation, Technology and Infrastructure
Authors
Abstract
In today’s virtualized world, ransomware threats to ESXi hypervisor are a significant and growing concern. Factors include lack of dedicated security tools, an expanding attack surface targeting virtualization infrastructure, the use of data encryption by attackers, and exploitation of known vulnerabilities. Evaluating the ESXi hypervisor is critical for security, performance, and cost efficiency. This paper leverages application of artificial intelligence, specifically machine learning, to assess ransomware threats. The experimental methodology applied in this paper leverages ESXi logs to construct a sample dataset containing 5,000 labeled instances of observed attack outcomes across seven features, including vm_shutdowns, snapshot_deletions, high_entropy_files, shell_command_count, failed_login_attempts, suspicious_port_access, and data_exfil_volume. These features are used to train a model to enhance operational efficiency and maintain a robust virtualized environment.
