Corpus ID: 197868067

Ransomware, Threat and Detection Techniques: A Review

@inproceedings{Kok2019RansomwareT,
  title={Ransomware, Threat and Detection Techniques: A Review},
  author={S. H. Kok and Azween Bin Abdullah and Noor Zaman Jhanjhi and Mahadevan Supramaniam},
  year={2019}
}
The popularity of ransomware has created a unique ecosystem of cybercriminals. Therefore, the objectives of this paper are to provide a thorough understanding of ransomware’s threat and discuss recent detection techniques used. A successful ransomware attack has direct financial implications, which are fuelled by several mature enablers, such as encryption technology, cyber currency and accessibility. Encryption is effective and almost unbreakable. Anonymous cyber currency can avoid traceability…

Ransomware Detection techniques in the Dawn of Artificial Intelligence: A Survey
TLDR
This paper reviews ransomware detection techniques that employ Machine Learning, Deep Learning and Natural Language Processing, all sub-fields of AI, and that have good detection rates.
Ransomware Detection, Avoidance, and Mitigation Scheme: A Review and Future Directions
TLDR
Detection Avoidance Mitigation (DAM) is a theoretical framework to review and classify techniques, tools, and strategies to detect, avoid and mitigate ransomware.
Ransomware Prevention and Mitigation Techniques
TLDR
A brief overview of the recent research in the prevention of ransomware attacks and the best practices to mitigate the attack impact is presented.
RENTAKA: A Novel Machine Learning Framework for Crypto-Ransomware Pre-encryption Detection
TLDR
This study proposed a pre-encryption detection framework for crypto-ransomware using a machine learning approach, and described RENTAKA, a framework based on machine learning for the early detection of crypto-ransomware.
Survey On Ransomware Evolution, Prevention, And Mitigation
TLDR
A brief history of ransomware, the best methods to prevent the infection, how to detect it, and how to recover from this infection is presented.
Prevention of Crypto-Ransomware Using a Pre-Encryption Detection Algorithm
TLDR
It was proposed that machine learning be used to detect crypto-ransomware before it starts its encryption function, or at the pre-encryption stage, and low FPR indicates that LA has a low probability of predicting goodware wrongly.
Avoiding Future Digital Extortion Through Robust Protection Against Ransomware Threats Using Deep Learning Based Adaptive Approaches
TLDR
This paper addresses the limitations of conventional supervised detection engines and proposes a semi-supervised framework to compute the inherent latent sources of the varying patterns in new variants of ransomware in an unsupervised way using deep learning approaches.
Classification of ransomware using different types of neural networks
TLDR
This paper will discuss the different types of neural networks, the related work of each type, aiming at the classification of malware in general and ransomware in particular, and the adopted methodology for the implementation of the neural network model (multilayer perceptron).

References

SHOWING 1-10 OF 34 REFERENCES
RansomWall: A layered defense system against cryptographic ransomware attacks using machine learning
TLDR
RansomWall follows a hybrid approach of combined static and dynamic analysis to generate a novel compact set of features that characterizes ransomware behavior, and uses machine learning for unearthing zero-day intrusions.
RanDroid: Structural Similarity Approach for Detecting Ransomware Applications in Android Platform
TLDR
RanDroid is introduced, a new automated lightweight approach for detecting ransomware variants on the Android platform by measuring the structural similarity between a set of collected information from an inspected application and a set of predefined threatening information collected from known ransomware variants.
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage Control
TLDR
The analysis shows that there has been a significant improvement in encryption techniques used by ransomware, and the careful analysis of ransomware behavior can produce an effective detection system that significantly reduces the amount of victim data loss.
The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
TLDR
An effective method is proposed to prevent the attacks of modified ransomware on the Android platform using statistical methods based on processor usage, memory usage, and I/O rates, and it can detect ransomware even if you do not save its patterns.
UNVEIL: A large-scale, automated approach to detecting ransomware (keynote)
TLDR
The evaluation shows that UNVEIL significantly improves the state of the art, and is able to identify previously unknown evasive ransomware that was not detected by the antimalware industry.
Talos: no more ransomware victims with formal methods
TLDR
A methodology based on formal methods for detecting ransomware malware on Android devices is discussed, and the obtained results show that Talos is very effective in recognizing ransomware even when it is obfuscated.
Ransomware prevention using application authentication-based file access control
TLDR
It is shown that contemporary ransomware programs are unable to encrypt any of the files protected by AntiBotics and that the daily rate of challenges it presents to users is very low.
Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection
TLDR
EldeRan, a machine learning approach for dynamically analysing and classifying ransomware, is presented, suggesting that dynamic analysis can support ransomware detection, since ransomware samples exhibit a set of characteristic features at run-time that are common across families, and that helps the early detection of new variants.