Machine Learning in Automated Detection of Ransomware: Scope, Benefits and Challenges

Illumination of Artificial Intelligence in Cybersecurity and Forensics

Abstract

Background: Ransomware is a special kind of malware that is spreading rapidly around the world in different forms. In recent times, ransomware has wreaked havoc on individual and corporate systems and has extorted large sums of money as ransom in the form of cryptocurrency. Its growth is galloping at a fast pace due to the Ransomware-as-a-Service facility, so it is imperative to mitigate ransomware and its attacks on an emergency basis.

Aim: The objective of this work is to study the research works done exclusively on ransomware attacks and to analyze the scope and challenges of Machine Learning methods in ransomware detection.

Methodology: Research works aimed exclusively at the mitigation of ransomware are collected from various renowned research databases, and a systematic literature study is performed based on the traits of ransomware, the data sets and methods, and the various performance measures used in the implementation of detection models.

Results: Many detection models developed with high accuracy are discussed. Most of these models employ Machine Learning techniques for the detection of ransomware, as this facilitates automated detection. The proportion of the count (37.5%) of Machine Learning based models is considerably higher than that of other models (3% each). The vital role of Machine Learning in developing automated detection tools is reviewed from different perspectives, and the limitations of Machine Learning based models are also discussed.

Conclusion: Based on the survey, Machine Learning methods can be applied to develop automated detection tools if the challenges are properly addressed. This will help researchers build a comprehensive and efficient model for ransomware detection based on Machine Learning.




© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this chapter

Thangapandian, V. (2022). Machine Learning in Automated Detection of Ransomware: Scope, Benefits and Challenges. In: Misra, S., Arumugam, C. (eds) Illumination of Artificial Intelligence in Cybersecurity and Forensics. Lecture Notes on Data Engineering and Communications Technologies, vol 109. Springer, Cham. https://doi.org/10.1007/978-3-030-93453-8_15
