A Survey on Windows-based Ransomware Taxonomy and Detection Mechanisms | Zendy

Routa Moussaileb | Zendy; Nora Cuppens | Zendy; JeanLouis Lanet | Zendy; Hélène Le Bouder | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

A Survey on Windows-based Ransomware Taxonomy and Detection Mechanisms

Author(s) -

Routa Moussaileb,

Nora Cuppens,

JeanLouis Lanet,

Hélène Le Bouder

Publication year - 2021

Publication title -

acm computing surveys

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 2.079

H-Index - 163

eISSN - 1557-7341

pISSN - 0360-0300

DOI - 10.1145/3453153

Subject(s) - ransomware , malware , computer science , computer security , ransom , software deployment , cryptocurrency , malware analysis , payment , battle , evasion (ethics) , world wide web , operating system , immune system , archaeology , biology , political science , law , immunology , history

Ransomware remains an alarming threat in the 21st century. It has evolved from being a simple scare tactic into a complex malware capable of evasion. Formerly, end-users were targeted via mass infection campaigns. Nevertheless, in recent years, the attackers have focused on targeted attacks, since the latter are profitable and can induce severe damage. A vast number of detection mechanisms have been proposed in the literature. We provide a systematic review of ransomware countermeasures starting from its deployment on the victim machine until the ransom payment via cryptocurrency. We define four stages of this malware attack: Delivery, Deployment, Destruction, and Dealing. Then, we assign the corresponding countermeasures for each phase of the attack and cluster them by the techniques used. Finally, we propose a roadmap for researchers to fill the gaps found in the literature in ransomware’s battle.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research