A Survey on Machine Learning-Based Ransomware Detection

Rani, Nanda; Dhavale, Sunita Vikrant; Singh, Amarjit; Mehra, Atul

doi:10.1007/978-981-16-6890-6_13

Cited by 15 publications

(22 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition to machine learning, heuristic-based approaches have also been a focal point of research [17,32,7]. These methods rely on a set of rules or algorithms to detect ransomware based on known behaviors and characteristics, allowing for the identification of ransomware even in the absence of specific malware signatures [33,34,4].…”

Section: Detection and Prevention Methodologiesmentioning

confidence: 99%

“…In a concerning shift observed more recently, the nature of ransomware has transformed towards data theft [4]. In these instances, attackers not only encrypt data but also exfiltrate sensitive information, holding it hostage with threats of public release unless a ransom is paid [5,4]. This progression in ransomware tactics has been alarming as it represents a double-edged threat [6,7].…”

Section: Introductionmentioning

confidence: 99%

“…This change in strategy underscores the adaptability and cunning nature of ransomware operators, who have recognized and capitalized on the additional leverage that stolen data provides [11,12]. As a result, businesses and organizations are now grappling with not just the encryption of their data, but also with the ominous possibility of their confidential information being exposed, leading to reputational damage and legal complications [4,13]. This dual threat requires a reevaluation of cybersecurity strategies, as traditional approaches may not be fully equipped to handle this two-pronged challenge [14,15].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Applying Markov Decision Processes to Evaluate Ransomware Data Theft Risks

Zhu,

Li,

Zhang

2023

Preprint

View full text Add to dashboard Cite

Ransomware has rapidly evolved into sophisticated, stealthy threats built to extort payments through data encryption and extraction. This paper presents an innovative methodology for ransomware risk evaluation using the mathematical frameworks of Markov Decision Processes (MDP). By modeling ransomware scenarios as MDPs, overlaying risk equations, and applying our analysis, a quantitative assessment of dynamic risk levels and effectiveness of defensive strategies is enabled. The technique is demonstrated through comparative assessment of prominent ransomware groups, industry-specific impact analysis, and time projections of data theft risk trajectories. Despite limitations in model complexity and real-world validation, the methodology elucidates an interdisciplinary approach blending decision theory, control systems and applied mathematics to enrich cyber risk research.

show abstract

Section: Detection and Prevention Methodologiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Applying Markov Decision Processes to Evaluate Ransomware Data Theft Risks

Zhu,

Li,

Zhang

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…This section highlights some of the recent studies that developed machine-learning models to detect ransomware. Interested readers can refer to Liu et al (2020) and Rani et al (2022) for more information. Aurangzeb et al (2022) developed a BigRC-EML model by using ensemble methods and principal component analysis (PCA) to select the most significant features either static or dynamic.…”

Section: Metaheuristic Algorithms For Solving Ransomware Problemmentioning

confidence: 99%

“…This section highlights some of the recent studies that developed machine‐learning models to detect ransomware. Interested readers can refer to Liu et al (2020) and Rani et al (2022) for more information.…”

Section: Literature Reviewmentioning

confidence: 99%

Android ransomware detection using binary Jaya optimization algorithm

Alazab

2023

Expert Systems

View full text Add to dashboard Cite

Ransomware is a serious security concern to mobile devices, as it prevents the use of the device and its contents until a ransom is paid, resulting in considerable financial losses for both people and corporations. The existing anti‐malware measures have shown to be inadequate in combatting new malware variants that utilize advanced evasion strategies like Polymorphic, Metamorphic, Dynamic Code Loading, Time‐based evasion, and Reflection. Furthermore, these primary defences have also suffered from low detection rates, significant false positives, high processing times, and excessive processing and power consumption that is inappropriate for smartphones. This paper offers the binary JAYA (BJAYA) for ransomware detection in Android mobile devices using the BJAYA optimization‐based algorithm. The developed algorithm's effectiveness has been assessed against two datasets, the 0–1 knapsack, and real ransomware dataset. The proposed BJAYA method surpassed the other algorithms on 85% of the 0–1 knapsack datasets. The suggested BJAYA method was also tested on a ransomware dataset in two phases. In the first stage of testing, BJAYA outperformed other standard classifiers with sensitivity and Gmean values of 97% and 98.2%, respectively. In the second stage of testing, BJAYA outperformed other GA, FPA, and PSO metaheuristic algorithms in terms of specificity, sensitivity, and Gmean. These findings indicate the applicability of the suggested BJAYA algorithm for ransomware detection.

show abstract

Analyzing Malware From API Call Sequences Using Support Vector Machines

Al‐Haija

Krichen²

2023

Engineering Cyber-Physical Systems and Critical Infrastructures

View full text Add to dashboard Cite

A Survey on Machine Learning-Based Ransomware Detection

Cited by 15 publications

References 25 publications

Applying Markov Decision Processes to Evaluate Ransomware Data Theft Risks

Applying Markov Decision Processes to Evaluate Ransomware Data Theft Risks

Android ransomware detection using binary Jaya optimization algorithm

Analyzing Malware From API Call Sequences Using Support Vector Machines

Contact Info

Product

Resources

About