Ransomware, Threat and Detection Techniques: A Review

The popularity of ransomware has created a unique ecosystem of cybercriminals. Therefore, the objectives of this paper are to provide a thorough understanding of ransomware's threat and discuss recent detection techniques used. Successful ransomware attack has direct financial implication, which is fuelled by several mature enablers, such as encryption technology, cyber currency and accessibility. Encryption is effective and almost unbreakable. Anonymous cyber currency can avoid traceability. Easily obtainable ransomware code enables easy entry. A combination of these provides an attractive avenue for cybercriminals, producing specialist cybercriminals. In terms of detection techniques, it was found that machine learning (ML) via regression algorithms was the most technique adopted by researchers of ransomware. However, none of the researchers have produced any model to protect against ransomware attack. This research highlights the need of a solution using ML algorithm for the detection engine.