Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning–Based Ransomware Detection

Download PDF

JANNATUL FERDOUS, Rafiqul Islam, Zahid Islam

Published: 17 Jan 2026, Last Modified: 17 Jan 2026TIME 2026 PosterEveryoneRevisionsBibTeXCC BY 4.0
Keywords: Ransomware detection, machine unlearning, reinforcement learning, DQN, DDQN, responsible AI.
Abstract: Ransomware detection systems increasingly rely on behavior-based machine learning to address evolving attack strategies. However, emerging privacy compliance, data governance, and responsible AI deployment demand not only accurate detection but also the ability to efficiently remove the influence of specific training samples without retraining the models from scratch. In this paper, we present a privacy-aware machine unlearning evaluation framework for RL-based ransomware detection built on Sharded, Isolated, Sliced, and Aggregated (SISA) training. The framework enables efficient data deletion by retraining only the affected model shards rather than the entire detector, substantially reducing the retraining cost while preserving the detection performance. We conducted a controlled comparative study using value-based RL agents such as Deep Q-Network (DQN) and Double Deep Q-Network (DDQN), under identical experimental settings, including a cost-sensitive reward design and 5-fold stratified cross-validation on Windows 11 behavioral ransomware telemetry. The detection confidence was evaluated using a continuous Q-score margin, enabling ROC–AUC analysis beyond binary predictions. For unlearning, the dataset was partitioned into five shards with majority-vote aggregation, and a fast-unlearning path was evaluated by deleting 5% of the samples from a single shard and retraining only that shard. The experimental results show that SISA-based unlearning incurs negligible utility degradation (≤0.2% absolute F1) while achieving substantial retraining time reduction compared with full SISA retraining. The DDQN exhibits slightly improved stability and lower utility loss relative to the DQN, although both agents maintain near-identical in-distribution performance after unlearning. These findings demonstrate that SISA provides a practical, auditable, and computationally efficient unlearning mechanism for RL-based ransomware detection, thereby supporting privacy-aware deployment without compromising security effectiveness.
Submission Number: 13