Ransomware detection using the dynamic analysis and machine learning: a survey and research directions

Umara Urooj*, Bander Ali Saleh Al-Rimy, Anazida Zainal, Fuad A. Ghaleb, Murad A. Rassam

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

5 Downloads (Pure)

Abstract

Ransomware is an ill-famed malware that has received recognition because of its lethal and irrevocable effects on its victims. The irreparable loss caused due to ransomware requires the timely detection of these attacks. Several studies including surveys and reviews are conducted on the evolution, taxonomy, trends, threats, and countermeasures of ransomware. Some of these studies were specifically dedicated to IoT and android platforms. However, there is not a single study in the available literature that addresses the significance of dynamic analysis for the ransomware detection studies for all the targeted platforms. This study also provides the information about the datasets collection from its sources, which were utilized in the ransomware detection studies of the diverse platforms. This study is also distinct in terms of providing a survey about the ransomware detection studies utilizing machine learning, deep learning, and blend of both techniques while capitalizing on the advantages of dynamic analysis for the ransomware detection. The presented work considers the ransomware detection studies conducted from 2019 to 2021. This study provides an ample list of future directions which will pave the way for future research.

Original languageEnglish
Article number172
Number of pages45
JournalApplied Sciences (Switzerland)
Volume12
Issue number1
Early online date24 Dec 2021
DOIs
Publication statusPublished - 1 Jan 2022

Keywords

  • Cloud
  • Deep learning
  • Dynamic analysis
  • Encryption
  • Internet of Things (IoT)
  • Machine learning
  • Ransomware
  • Ransomware analysis
  • Ransomware detection

Cite this