{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:39:44Z","timestamp":1772725184832,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":42,"publisher":"Springer Singapore","isbn-type":[{"value":"9789811668890","type":"print"},{"value":"9789811668906","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-981-16-6890-6_13","type":"book-chapter","created":{"date-parts":[[2022,3,5]],"date-time":"2022-03-05T14:02:28Z","timestamp":1646488948000},"page":"171-186","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["A Survey on Machine Learning-Based Ransomware Detection"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1255-5284","authenticated-orcid":false,"given":"Nanda","family":"Rani","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0306-6198","authenticated-orcid":false,"given":"Sunita Vikrant","family":"Dhavale","sequence":"additional","affiliation":[]},{"given":"Amarjit","family":"Singh","sequence":"additional","affiliation":[]},{"given":"Atul","family":"Mehra","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,3,6]]},"reference":[{"key":"13_CR1","unstructured":"Sultan H, Khalique A, Alam SI, Tanweer S (2018) A survey on ransomware: evolution, growth and impact. Int J Adv Res Comput Scie 9(2)"},{"key":"13_CR2","doi-asserted-by":"publisher","first-page":"119710","DOI":"10.1109\/ACCESS.2020.3003785","volume":"8","author":"F Khan","year":"2020","unstructured":"Khan F, Ncube C, Ramasamy LK, Kadry S, Nam Y (2020) A digital DNA sequencing engine for ransomware detection using machine learning. IEEE Access 8:119710\u2013119719. https:\/\/doi.org\/10.1109\/ACCESS.2020.3003785","journal-title":"IEEE Access"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Sahay SK et\u00a0al (2020) A survey on ransomware detection techniques. In: SKM 2019, CCIS 1186. Springer Nature Singapore Pte Ltd, pp 55\u201368","DOI":"10.1007\/978-981-15-3817-9_4"},{"issue":"5","key":"13_CR4","first-page":"1938","volume":"8","author":"S Mohurle","year":"2017","unstructured":"Mohurle S, Patil M (2017) A brief study of WannaCry threat: ransomware attack 2017. Int J Adv Res Comput Sci 8(5):1938\u20131940","journal-title":"Int J Adv Res Comput Sci"},{"key":"13_CR5","unstructured":"The current state of ransomware (2020) CryptoWall. https:\/\/news.sophos.com\/en-us\/2015\/12\/17\/the-current-state-of-ransomware-cryptowall\/. Accessed 27 Aug 2020"},{"key":"13_CR6","unstructured":"Look into locky ransomware (2020) https:\/\/blog.malwarebytes.com\/threat-analysis\/2016\/03\/look-into-locky. Accessed 02 Aug 2020"},{"key":"13_CR7","unstructured":"Evolution of GandCrab Ransomware (2020) https:\/\/www.acronis.com\/en-in\/articles\/gandcrab\/. Accessed 10 Sept 2020"},{"key":"13_CR8","unstructured":"CryptoLocker (2020) Everything You Need to Know. https:\/\/www.varonis.com\/blog\/cryptolocker\/. Accessed 23 Sept 2020"},{"key":"13_CR9","unstructured":"TeslaCrypt ransomware (2020) https:\/\/www.kaspersky.co.in\/resource-center\/threats\/teslacrypt. Accessed 20 Nov 2020"},{"key":"13_CR10","unstructured":"2016 (2020) Year of the ransomware attacks. http:\/\/techgenix.com\/2016-ransomware\/. Accessed 16 Jul 2020"},{"key":"13_CR11","unstructured":"Mimoso M (2017) Leaked NSA exploit spreading ransomware world wide. https:\/\/threatpost.com\/leaked-nsa-exploitspreading-ransomware-worldwide\/125654. Accessed 03 Sep 2020"},{"key":"13_CR12","unstructured":"The Anatomy of a Ransomware Attack (2016) The threat research report. https:\/\/www.exabeam.com\/wp-content\/uploads\/2017\/07\/Exabeam_Ransomware_Threat_Report_Final.pdf. Accessed 20 sept 2020"},{"key":"13_CR13","unstructured":"Proofpoint (2017) 2017 Q3 threat report. https:\/\/www.proofpoint.com\/sites\/default\/files\/pfpt-us-tr-q317-threat-report_1.pdf"},{"key":"13_CR14","unstructured":"Sgandurra D, Mu\u00f1oz-Gonz\u00e1lez L, Mohsen R, Lupu EC (2016) Automated dynamic analysis of ransomware: Bene_ts, limitations, and use for detection. arXiv:1609.03020"},{"key":"13_CR15","unstructured":"Ransomware Dataset RISSP group (2020). http:\/\/rissgroup.org\/ransomware-dataset\/. Accessed 10 Nov 2020"},{"key":"13_CR16","doi-asserted-by":"publisher","unstructured":"Paquet-Clouston M, Haslhofer B, Dupont B (2019) Ransomware payments in the Bitcoin ecosystem. J Cybersec. 5(1):tyz003. https:\/\/doi.org\/10.1093\/cybsec\/tyz003","DOI":"10.1093\/cybsec\/tyz003"},{"key":"13_CR17","unstructured":"Ransomware bitcoin datasets (2020). https:\/\/github.com\/behas\/ransomware-dataset. Accessed 01 Nov 2020"},{"key":"13_CR18","unstructured":"ISOT Ransomware dataset (2020) https:\/\/www.uvic.ca\/engineering\/ece\/isot\/datasets\/botnet-ransomware\/index.php. Accessed 25 Nov 2020"},{"key":"13_CR19","doi-asserted-by":"crossref","unstructured":"Scaife N, Carter H, Traynor P, Butler KR (2016) Cryptolock (and drop it): stopping ransomware attacks on user data. In: 2016 IEEE 36th international conference on distributed computing systems (ICDCS), pp 303\u2013312","DOI":"10.1109\/ICDCS.2016.46"},{"key":"13_CR20","unstructured":"Kharaz A, Arshad S, Mulliner C, Robertson W, Kirda E (2016) UNVEIL: a largescale, automated approach to detecting ransomware. In: 25th USENIX security symposium (USENIX Security 2016), Austin, TX, pp 757\u2013772. USENIX Association"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Gomez-Hernandez JA, \u2019Alvarez-Gonzaalez L, Garc\u0131a-Teodoro P, (2018) R-Locker: thwarting ransomware action through a honeyfile-based approach. Comput Sec 73:389\u2013398","DOI":"10.1016\/j.cose.2017.11.019"},{"issue":"6","key":"13_CR22","doi-asserted-by":"publisher","first-page":"82","DOI":"10.30880\/ijie.2018.10.06.011","volume":"10","author":"BAS Al-rimy","year":"2018","unstructured":"Al-rimy BAS, Maarof MA, Prasetyo YA, Shaid SZM (2018) Ariffin, AFM: Zero-day aware decision fusion-based model for crypto-ransomware early detection. Int J Integr Eng 10(6):82\u201388","journal-title":"Int J Integr Eng"},{"key":"13_CR23","doi-asserted-by":"publisher","unstructured":"Mehnaz S, Mudgerikar A, Bertino E (2018) RWGuard: a real-time detection system against cryptographic ransomware. In: Bailey M, Holz T, Stamatogiannakis M, Ioannidis S (eds) RAID 2018. LNCS, vol 11050. Springer, Cham, pp 114\u2013136. https:\/\/doi.org\/10.1007\/978-3-030-00470-5_6","DOI":"10.1007\/978-3-030-00470-5_6"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Continella A et\u00a0al (2016) ShieldFS: a self-healing, ransomware-aware filesystem. In: Proceedings of the 32nd annual conference on computer security applications, ACSAC 2016. ACM, New York, pp 336\u2013347","DOI":"10.1145\/2991079.2991110"},{"key":"13_CR25","doi-asserted-by":"publisher","unstructured":"Alhawi OMK, Baldwin J, Dehghantanha A (2018) Leveraging machine learning techniques for windows ransomware network traffic detection. In: Dehghantanha A, Conti M, Dargahi T (eds) Cyber threat intelligence. AIS, vol 70. Springer, Cham, pp 93\u2013106. https:\/\/doi.org\/10.1007\/978-3-319-73951-9_5","DOI":"10.1007\/978-3-319-73951-9_5"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Harikrishnan NB, Soman KP (2018) Detecting ransomware using GURLS. In: 2018 second international conference on advances in electronics, computers and communications (ICAECC). IEEE","DOI":"10.1109\/ICAECC.2018.8479444"},{"key":"13_CR27","doi-asserted-by":"publisher","unstructured":"Baldwin J, Dehghantanha A (2018) Leveraging support vector machine for opcode density-based detection of crypto-ransomware. In: Dehghantanha A, Conti M, Dargahi T (eds) Cyber threat intelligence. AIS, vol 70. Springer, Cham, pp 107\u2013136. https:\/\/doi.org\/10.1007\/978-3-319-73951-9_6","DOI":"10.1007\/978-3-319-73951-9_6"},{"key":"13_CR28","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1016\/j.future.2018.07.045","volume":"90","author":"S Homayoun","year":"2019","unstructured":"Homayoun S et al (2019) DRTHIS: deep ransomware threat hunting and intelligence system at the fog layer. Futur Gener Comput Syst 90:94\u2013104","journal-title":"Futur Gener Comput Syst"},{"issue":"4","key":"13_CR29","doi-asserted-by":"publisher","first-page":"1141","DOI":"10.1007\/s12652-017-0558-5","volume":"9","author":"A Azmoodeh","year":"2017","unstructured":"Azmoodeh A, Dehghantanha A, Conti M, Choo K-KR (2017) Detecting cryptoransomware in IoT networks based on energy consumption footprint. J Ambient Intell Hum Comput 9(4):1141\u20131152. https:\/\/doi.org\/10.1007\/s12652-017-0558-5","journal-title":"J Ambient Intell Hum Comput"},{"key":"13_CR30","doi-asserted-by":"publisher","unstructured":"Poudyal S, Subedi KP, Dasgupta D (2018) A framework for analyzing ransomware using machine learning. In: 2018 IEEE symposium series on computational intelligence (SSCI). https:\/\/doi.org\/10.1109\/SSCI.2018.8628743","DOI":"10.1109\/SSCI.2018.8628743"},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"Almashhadani AO, Kaiiali M, Sezer S, O\u2019Kane P (2019) A multiclassifier network-based crypto ransomware detection system: a case study of locky ransomware. In: IEEE access, vol 7 (2019), pp 47 053\u201347 067","DOI":"10.1109\/ACCESS.2019.2907485"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Karimi A, Moattar MH (2017) Android ransomware detection using reduced opcode sequence and image similarity. In: 2017 7th international conference on computer and knowledge engineering (ICCKE). IEEE, pp 229\u2013234","DOI":"10.1109\/ICCKE.2017.8167881"},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"Shaukat SK, Ribeiro VJ (2018) Ransomwall: a layered defense system against cryptographic ransomware attacks using machine learning. In: 2018 10th international conference on communication systems & networks (COMSNETS). IEEE, pp 356\u2013363","DOI":"10.1109\/COMSNETS.2018.8328219"},{"key":"13_CR34","doi-asserted-by":"crossref","unstructured":"Moussaileb R, Bouget B, Palisse A, Le Bouder H, Cuppens N, Lanet J-L (2018) Ransomware\u2019s early mitigation mechanisms. In: Proceedings of the 13th international conference on availability, reliability and security. ACM, p. 2","DOI":"10.1145\/3230833.3234691"},{"key":"13_CR35","unstructured":"Alam M, Bhattacharya S, Mukhopadhyay D, Chattopadhyay A (2018) RAPPER: ransomware prevention via performance counters CoRR, vol. abs\/1802.03909. arXiv:1802.03909"},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"Maiorca D, Mercaldo F, Giacinto G, Visaggio CA, Martinelli F (2017) R-PackDroid: API package-based characterization and detection of mobile ransomware. In: Proceedings of the symposium on applied computing. ACM, pp 1718\u20131723","DOI":"10.1145\/3019612.3019793"},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Hasan MM, Rahman MM (2017) Ranshunt: a support vector machines-based ransomware analysis framework with integrated feature set. In: 2017 20th international conference of computer and information technology (ICCIT), pp 1\u20137","DOI":"10.1109\/ICCITECHN.2017.8281835"},{"key":"13_CR38","doi-asserted-by":"crossref","unstructured":"Chen Z-G, Kang H-S, Yin S-N, Kim S-R (2017) Automatic ransomware detection and analysis based on dynamic API calls flow graph. In: Proceedings of the international conference on research in adaptive and convergent systems. ACM, pp 196\u2013201","DOI":"10.1145\/3129676.3129704"},{"key":"13_CR39","doi-asserted-by":"publisher","unstructured":"Vigneswaran R, Vinayakumar R, Soman KP, Poornachandran P (2018) Evaluating shallow and deep neural networks for network intrusion detection systems in cyber security, pp 1\u20136. https:\/\/doi.org\/10.1109\/ICCCNT.2018.8494096","DOI":"10.1109\/ICCCNT.2018.8494096"},{"key":"13_CR40","doi-asserted-by":"publisher","unstructured":"Ijaz M, Durad H, Ismail M (2019) Static and dynamic malware analysis using machine learning, pp 687\u2013691. https:\/\/doi.org\/10.1109\/IBCAST.2019.8667136","DOI":"10.1109\/IBCAST.2019.8667136"},{"key":"13_CR41","doi-asserted-by":"publisher","unstructured":"Jagsir S, Singh J (2020) A, survey on machine learning-based malware detection in executable files. J Syst Arch 101861. ISSN 1383\u20137621. https:\/\/doi.org\/10.1016\/j.sysarc.2020.101861","DOI":"10.1016\/j.sysarc.2020.101861"},{"key":"13_CR42","doi-asserted-by":"publisher","unstructured":"Zhang D, Zhang Z, Jiang B, Tse TH (2018) The impact of lightweight disassembler on malware detection: an empirical study. In: (2018) IEEE 42nd annual computer software and applications conference (COMPSAC). Tokyo 2018, pp 620\u2013629. https:\/\/doi.org\/10.1109\/COMPSAC.2018.00094","DOI":"10.1109\/COMPSAC.2018.00094"}],"container-title":["Advances in Intelligent Systems and Computing","Proceedings of the Seventh International Conference on Mathematics and Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-16-6890-6_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,5]],"date-time":"2022-03-05T14:04:07Z","timestamp":1646489047000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-16-6890-6_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9789811668890","9789811668906"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-981-16-6890-6_13","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"value":"2194-5357","type":"print"},{"value":"2194-5365","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"6 March 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}