Abstract
The world has seen an alarming surge in ransomware attacks in recent years, causing significant financial losses to various organizations. Ransomware is a type of malware that usually locks users’ devices or encrypts their data files and demands payment (a ransom) to unlock the devices or recover the encrypted files. Several studies have proposed techniques to detect this kind of malware in its early stages of propagation. However, most of these detection methods follow a signature-based technique, which has difficulty detecting zero-day and unknown ransomware. New techniques that can dynamically identify and stop this type of ransomware are thus desperately needed. In this direction, machine learning and deep learning techniques have recently been applied in ransomware detection, spam detection, image recognition, etc. In this paper, we provide a survey of the ransomware detection studies using machine learning and deep learning techniques conducted from 2017 to 2022. This paper also provides an in-depth list of possible directions for future study.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Moujoud, L., Ayache, M., Belmekki, A. (2023). A State-of-the-Art Survey on Ransomware Detection using Machine Learning and Deep Learning. In: Idrissi, A. (eds) Modern Artificial Intelligence and Data Science. Studies in Computational Intelligence, vol 1102. Springer, Cham. https://doi.org/10.1007/978-3-031-33309-5_15
DOI: https://doi.org/10.1007/978-3-031-33309-5_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33308-8
Online ISBN: 978-3-031-33309-5
eBook Packages: Intelligent Technologies and Robotics (R0)