R-Sentry: Deception based ransomware detection using file access patterns

•Exponential increase in ransomware attacks indicates that the current detection mechanisms can still be bypassed. Most of the techniques developed use a reactive approach to detection which is based on responding to events after they have happened.•Since ransomware attacks are dealing with sensitive data and the encryption process is irreversible unless a ransom is paid, an early warning system which can defend against this type of malware is to be developed.•A deception-based method for early detection of ransomware by distributing honey files in various folders based on several criteria depending on the traversal patterns of ransomware is developed.