Litcius/Paper detail

A Survey on Windows-based Ransomware Taxonomy and Detection Mechanisms

Routa Moussaileb, Nora Cuppens, Jean‐Louis Lanet, Hélène Le Bouder

2021ACM Computing Surveys77 citationsDOI

Abstract

Ransomware remains an alarming threat in the 21st century. It has evolved from being a simple scare tactic into a complex malware capable of evasion. Formerly, end-users were targeted via mass infection campaigns. Nevertheless, in recent years, the attackers have focused on targeted attacks, since the latter are profitable and can induce severe damage. A vast number of detection mechanisms have been proposed in the literature. We provide a systematic review of ransomware countermeasures starting from its deployment on the victim machine until the ransom payment via cryptocurrency. We define four stages of this malware attack: Delivery, Deployment, Destruction, and Dealing. Then, we assign the corresponding countermeasures for each phase of the attack and cluster them by the techniques used. Finally, we propose a roadmap for researchers to fill the gaps found in the literature in ransomware’s battle.

Topics & Concepts

RansomwareMalwareComputer scienceComputer securityRansomSoftware deploymentCryptocurrencyMalware analysisPaymentBattleEvasion (ethics)World Wide WebOperating systemHistoryImmune systemPolitical scienceArchaeologyImmunologyBiologyLawAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSpam and Phishing Detection
A Survey on Windows-based Ransomware Taxonomy and Detection Mechanisms | Litcius