Trusted detection of ransomware in a private cloud using machine learning methods leveraging meta-features from volatile memory.

Expert Systems with Applications (2018)

Citations: 90 | Views: 65
Abstract

• A solution for trusted detection of unknown ransomware in VMs is proposed.
• Valuable data is extracted from the VM's memory dump using the Volatility framework.
• General descriptive features are proposed and successfully leveraged by ML algorithms.
• The solution was rigorously evaluated using notorious and professional ransomware.
• The Random Forest classifier successfully detected known and unknown ransomware.
Keywords

Ransomware, Volatile memory, Forensics, Memory dumps, Virtual machine, Private cloud, Machine Learning, Detection, Malware