ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Ransomware Detection with Machine Learning: Techniques, Challenges, and Future Directions – A Systematic Review.
Ransomware attacks are among the most common and dangerous threats in cybersecurity. They prevent users from accessing their systems or personal files and extort them by demanding a ransom payment. This study aims to identify the most effective Machine Learning methods and techniques for detecting and mitigating Ransomware attacks. In addition, it seeks to determine which features are essential for identifying Ransomware and which attributes are most effective in achieving this goal. To do so, we conducted a systematic literature review using the PRISMA methodological guide. We selected only primary empirical studies that evaluated the effectiveness of these methods. The findings revealed that the studies focus on analyzing existing datasets, followed by API calls and executable files. Dynamic, static, and network traffic analyses are the most used methods. In addition, we found that techniques such as hybrid analysis, digital DNA sequencing, and supervised learning, although used less frequently, show potential in ransomware detection. This research also identifies the limitations and challenges of using these techniques, along with future research directions. These results underscore the diversity of approaches and tools employed in ransomware detection, highlighting the need to develop comprehensive strategies to address this cyber threat effectively.