Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions

Bander Ali Saleh Al-rimy*, Mohd Aizaini Maarof, Syed Zainudeen Mohd Shaid

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

Ransomware is a malware category that exploits security mechanisms such as cryptography in order to hijack user files and related resources and demands money in exchange for the locked data. Therefore, ransomware has become a lucrative business that has gained increasing popularity among attackers. Unlike traditional malware, even after removal, ransomware's effect is irreversible and difficult to mitigate without the help of its creator. In addition to the downtime costs and the money that individuals and business entities could pay as a ransom, those victims could incur other damage such as loss of data, reputation, and life. To date, several studies have been conducted to address this unique, challenging threat and have tried to provide detection and prevention solutions. However, there is a lack of survey articles that explore the research endeavors in ransomware and highlight the challenges and issues faced by existing solutions. This survey fills the gap and provides a holistic state-of-the-art review of the research on ransomware and its detection and prevention techniques. The survey puts forward a novel ransomware taxonomy, from several perspectives. It then elaborates on the factors that lead to a successful ransomware attacks before discussing in detail the research into counteracting ransomware, including analysis, prevention, detection and prediction solutions. The survey concludes with a brief discussion on the open issues and potential research directions in the near future.

Original languageEnglish
Pages (from-to)144-166
Number of pages23
JournalComputers and Security
Volume74
Early online date20 Feb 2018
DOIs
Publication statusPublished - 1 May 2018

Keywords

  • Bitcoin
  • Crypto-ransomware
  • Cryptography
  • Cryptovirology
  • Cybersecurity
  • Locker-ransomware
  • Malware
  • Ransomware
  • Scareware
  • WannaCry

Fingerprint

Dive into the research topics of 'Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions'. Together they form a unique fingerprint.

Cite this