Auditable Machine Unlearning for Privacy-Compliant Ransomware Detection Using Multi-Shard SISA and Deep Reinforcement Learning

📅 2026-07-07
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the lack of privacy-compliant selective unlearning and auditability in existing ransomware detection models. The authors propose a novel framework that integrates multi-shard SISA retraining with Double Deep Q-Networks (DDQN), uniquely combining these techniques for behavior-based detection and efficient sample unlearning. The approach maintains high detection performance (F1 = 0.9925, AUC = 0.9983) while enabling shard-level selective retraining, achieving unlearning in only 5–30 seconds across 5–10 shards. Following unlearning, the success rate of membership inference attacks drops to near-random levels (≈0.5), substantially mitigating privacy leakage risks. This framework thus realizes verifiable and regulation-compliant machine unlearning without compromising detection efficacy.
📝 Abstract
Ransomware poses an escalating cybersecurity threat as attackers continuously modify behavioral patterns to evade static defenses. Although existing machine learning-based detectors often achieve strong predictive performance, they generally assume fixed training data and do not support the selective removal of previously learned samples. This limitation conflicts with privacy regulations such as the GDPR and CCPA, which require the removal of sensitive user data upon request. To address this challenge, we propose an auditable ransomware detection and unlearning framework that integrates deep reinforcement learning with multi-shard SISA retraining. In the proposed system, a Double Deep Q-Network (DDQN) learns a reward-guided detection policy from behavioral features under asymmetric security costs, while multi-shard SISA enables privacy-compliant selective sample removal through shard-level retraining. The framework was evaluated using four criteria: utility preservation, oracle-based forgetting validation, membership inference auditing, and computational efficiency. On a balanced Windows 11 behavioral dataset comprising 2,000 samples and 103 features, the baseline DDQN detector achieved an F1 score of 0.9925 and an AUC of 0.9983. The experimental results show that single-shard unlearning maintains minimal utility degradation and low oracle disagreement, whereas moderate shard counts (M = 5-10) provide the best efficiency-performance trade-off, reducing retraining time to 5-30 s compared with 80-330 s for full retraining. In addition, the membership inference scores remain close to 0.5 across most configurations, indicating limited privacy leakage after unlearning. These findings demonstrate that a privacy-compliant ransomware detection framework can jointly achieve high detection performance, auditable deletion verification, and efficient sample removal.
Problem

Research questions and friction points this paper is trying to address.

machine unlearning
ransomware detection
privacy compliance
data deletion
auditable AI
Innovation

Methods, ideas, or system contributions that make the work stand out.

Machine Unlearning
Multi-Shard SISA
Deep Reinforcement Learning
Auditable Deletion
Privacy-Compliant Detection
🔎 Similar Papers
No similar papers found.