A Survey of Ransomware Detection Methods

Bibliographic Details
Main Authors: Saleh Alzahrani, Yang Xiao, Sultan Asiri, Jianying Zheng, Tieshan Li
Format: Article
Language: English
Published: IEEE 2025-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/10945868/
Description
Summary: Ransomware attacks continue to pose a significant challenge to cybersecurity, causing substantial financial and reputational damage to individuals and organizations. These attacks typically encrypt user data and demand a ransom for its release. There is a growing need for more effective and dynamic detection methods, especially for zero-day and unknown ransomware variants. This survey focuses on ransomware-detecting methods published from 2019 to 2025. One hundred thirty-five papers were reviewed and filtered based on their scope and publication venue. For in-depth analysis, this survey selected 45 papers focusing on ransomware detection for Windows or Android operating systems. This paper aims to comprehensively review existing ransomware detection methods, focusing on their effectiveness, limitations, and applicability. The detection methods are categorized into machine-learning-based and non-machine-learning-based methods, discussing the advantages and drawbacks of each. The paper also highlights ransomware-as-a-service, explaining what it is, how it works, and how it affects the increasing number of ransomware attacks in recent years. It also studies the datasets used in the reviewed literature, listing their structures and limitations. This survey identifies gaps in current research and suggests future directions for developing more robust ransomware detection systems.
ISSN: 2169-3536