A Survey of Crypto Ransomware Attack Detection Methodologies: An Evolving Outlook
- PMID: 35270983
- PMCID: PMC8914995
- DOI: 10.3390/s22051837
A Survey of Crypto Ransomware Attack Detection Methodologies: An Evolving Outlook
Abstract
Recently, ransomware attacks have been among the major threats that target a wide range of Internet and mobile users throughout the world, especially critical cyber physical systems. Due to its unique characteristics, ransomware has attracted the attention of security professionals and researchers toward achieving safer and higher assurance systems that can effectively detect and prevent such attacks. The state-of-the-art crypto ransomware early detection models rely on specific data acquired during the runtime of an attack's lifecycle. However, the evasive mechanisms that these attacks employ to avoid detection often nullify the solutions that are currently in place. More effort is needed to keep up with an attacks' momentum to take the current security defenses to the next level. This survey is devoted to exploring and analyzing the state-of-the-art in ransomware attack detection toward facilitating the research community that endeavors to disrupt this very critical and escalating ransomware problem. The focus is on crypto ransomware as the most prevalent, destructive, and challenging variation. The approaches and open issues pertaining to ransomware detection modeling are reviewed to establish recommendations for future research directions and scope.
Keywords: crypto ransomware; data centric; deep learning; early detection; event-based detection; machine learning-based detection; malware; process centric.
Conflict of interest statement
We declare no conflict of interest.
Figures
Similar articles
-
Temporal Data Correlation Providing Enhanced Dynamic Crypto-Ransomware Pre-Encryption Boundary Delineation.Sensors (Basel). 2023 Apr 28;23(9):4355. doi: 10.3390/s23094355. Sensors (Basel). 2023. PMID: 37177558 Free PMC article.
-
Enhancing ransomware defense: deep learning-based detection and family-wise classification of evolving threats.PeerJ Comput Sci. 2024 Nov 29;10:e2546. doi: 10.7717/peerj-cs.2546. eCollection 2024. PeerJ Comput Sci. 2024. PMID: 39678277 Free PMC article.
-
Android Ransomware Detection Using Supervised Machine Learning Techniques Based on Traffic Analysis.Sensors (Basel). 2023 Dec 28;24(1):189. doi: 10.3390/s24010189. Sensors (Basel). 2023. PMID: 38203051 Free PMC article.
-
A deeper look into cybersecurity issues in the wake of Covid-19: A survey.J King Saud Univ Comput Inf Sci. 2022 Nov;34(10):8176-8206. doi: 10.1016/j.jksuci.2022.08.003. Epub 2022 Aug 11. J King Saud Univ Comput Inf Sci. 2022. PMID: 37521180 Free PMC article. Review.
-
Keep an eye on your personal belongings! The security of personal medical devices and their ecosystems.J Biomed Inform. 2019 Jul;95:103233. doi: 10.1016/j.jbi.2019.103233. Epub 2019 Jun 12. J Biomed Inform. 2019. PMID: 31201966 Review.
Cited by
-
An Effective Self-Configurable Ransomware Prevention Technique for IoMT.Sensors (Basel). 2022 Nov 4;22(21):8516. doi: 10.3390/s22218516. Sensors (Basel). 2022. PMID: 36366214 Free PMC article.
-
Plant and Salamander Inspired Network Attack Detection and Data Recovery Model.Sensors (Basel). 2023 Jun 14;23(12):5562. doi: 10.3390/s23125562. Sensors (Basel). 2023. PMID: 37420729 Free PMC article.
-
eMIFS: A Normalized Hyperbolic Ransomware Deterrence Model Yielding Greater Accuracy and Overall Performance.Sensors (Basel). 2024 Mar 7;24(6):1728. doi: 10.3390/s24061728. Sensors (Basel). 2024. PMID: 38543991 Free PMC article.
-
Optimizing cryptographic protocols against side channel attacks using WGAN-GP and genetic algorithms.Sci Rep. 2025 Jan 16;15(1):2130. doi: 10.1038/s41598-025-86118-4. Sci Rep. 2025. PMID: 39820786 Free PMC article.
-
Entropy Sharing in Ransomware: Bypassing Entropy-Based Detection of Cryptographic Operations.Sensors (Basel). 2024 Feb 23;24(5):1446. doi: 10.3390/s24051446. Sensors (Basel). 2024. PMID: 38474982 Free PMC article.
References
-
- Al-rimy B.A.S., Maarof M.A., Shaid S.Z.M. A 0-Day Aware Crypto-Ransomware Early Behavioral Detection Framework. Springer International Publishing; Cham, Germany: 2018.
-
- Al-rimy B.A.S., Maarof M.A., Prasetyo Y.A., Shaid S.Z.M., Ariffin A.F.M. Zero-day aware decision fusion-based model for crypto-ransomware early detection. Int. J. Integr. Eng. 2018;10 doi: 10.30880/ijie.2018.10.06.011. - DOI
-
- Aboaoja F.A., Zainal A., Ghaleb F.A., Al-rimy B.A.S. Toward an Ensemble Behavioral-based Early Evasive Malware Detection Framework; Proceedings of the 2021 International Conference on Data Science and Its Applications (ICoDSA); Bandung, Indonesia. 6–7 October 2021; Piscataway, NJ, USA: IEEE; 2021.
-
- Al-rimy B.A.S., Maarof M.A., Shaid S.Z.M. Crypto-ransomware early detection model using novel incremental bagging with enhanced semi-random subspace selection. Future Gener. Comput. Syst. 2019;101:476–491. doi: 10.1016/j.future.2019.06.005. - DOI
-
- Al-Rimy B.A.S., Maarof M.A., Alazab M., Shaid S.Z.M., Ghaleb F.A., Almalawi A., Ali A.M., Al-Hadhrami T. Redundancy coefficient gradual up-weighting-based mutual information feature selection technique for crypto-ransomware early detection. Future Gener. Comput. Syst. 2021;115:641–658. doi: 10.1016/j.future.2020.10.002. - DOI
Publication types
MeSH terms
LinkOut - more resources
Full Text Sources
