{"id":"https://openalex.org/W4396712725","doi":"https://doi.org/10.1109/access.2024.3397921","title":"Ransomware Detection Using Machine Learning: A Review, Research Limitations and Future Directions","display_name":"Ransomware Detection Using Machine Learning: A Review, Research Limitations and Future Directions","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4396712725","doi":"https://doi.org/10.1109/access.2024.3397921"},"language":"en","primary_location":{"id":"doi:10.1109/access.2024.3397921","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3397921","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10521643.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10521643.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050531980","display_name":"Jamil Ispahany","orcid":"https://orcid.org/0000-0001-8224-2924"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jamil Ispahany","raw_affiliation_strings":["Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0001-8224-2924","affiliations":[{"raw_affiliation_string":"Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","institution_ids":[]},{"raw_affiliation_string":"School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065820146","display_name":"Rafiqul Islam","orcid":"https://orcid.org/0000-0001-8317-5727"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Md. Rafiqul Islam","raw_affiliation_strings":["Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","School of Computing, Mathematics and Engineering, Charles Sturt University, Albury/Wodonga, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0001-8317-5727","affiliations":[{"raw_affiliation_string":"Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","institution_ids":[]},{"raw_affiliation_string":"School of Computing, Mathematics and Engineering, Charles Sturt University, Albury/Wodonga, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015246388","display_name":"Md Zahidul Islam","orcid":"https://orcid.org/0000-0002-4868-4945"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Md. Zahidul Islam","raw_affiliation_strings":["Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0002-4868-4945","affiliations":[{"raw_affiliation_string":"Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","institution_ids":[]},{"raw_affiliation_string":"School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065309356","display_name":"M. Arif Khan","orcid":"https://orcid.org/0000-0001-6112-8874"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"M. Arif Khan","raw_affiliation_strings":["Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0001-6112-8874","affiliations":[{"raw_affiliation_string":"Cyber Security Cooperative Research Centre (CSCRC), Kingston, ACT, Australia","institution_ids":[]},{"raw_affiliation_string":"School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":15.8212,"has_fulltext":true,"cited_by_count":52,"citation_normalized_percentile":{"value":0.99523154,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"12","issue":null,"first_page":"68785","last_page":"68813"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9849501848220825},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7732690572738647},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7607740759849548},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6569101810455322},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.47535985708236694},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.43028199672698975},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.34275221824645996},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.32308220863342285},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.1472989022731781}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9849501848220825},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7732690572738647},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7607740759849548},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6569101810455322},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.47535985708236694},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.43028199672698975},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34275221824645996},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.32308220863342285},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.1472989022731781}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2024.3397921","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3397921","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10521643.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:pure.atira.dk:publications/ed54230b-c01f-45c1-bbd7-ee5f64b2095a","is_oa":true,"landing_page_url":"https://researchoutput.csu.edu.au/en/publications/ed54230b-c01f-45c1-bbd7-ee5f64b2095a","pdf_url":"https://researchoutput.csu.edu.au/files/480414522/480413277_Published_article.pdf","source":{"id":"https://openalex.org/S7407055442","display_name":"Charles Sturt University Research Output (CRO)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Ispahany, J, Islam, R, Islam, Z & Khan, M A 2024, 'Ransomware detection using machine learning : A review, research limitations and future directions', IEEE Access, vol. 12, pp. 68785-68813. https://doi.org/10.1109/ACCESS.2024.3397921","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:doaj.org/article:8c09d264eea84ecaab211614729dc921","is_oa":true,"landing_page_url":"https://doaj.org/article/8c09d264eea84ecaab211614729dc921","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 12, Pp 68785-68813 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2024.3397921","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3397921","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10521643.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.7200000286102295,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320315885","display_name":"Australian Government","ror":"https://ror.org/0314h5y94"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4396712725.pdf"},"referenced_works_count":138,"referenced_works":["https://openalex.org/W1996975221","https://openalex.org/W2296509296","https://openalex.org/W2326059556","https://openalex.org/W2559964890","https://openalex.org/W2742353928","https://openalex.org/W2784113120","https://openalex.org/W2788864200","https://openalex.org/W2789729245","https://openalex.org/W2789758093","https://openalex.org/W2792599578","https://openalex.org/W2794482868","https://openalex.org/W2800557391","https://openalex.org/W2808649067","https://openalex.org/W2887506070","https://openalex.org/W2893176864","https://openalex.org/W2900633536","https://openalex.org/W2915893383","https://openalex.org/W2918753059","https://openalex.org/W2928980918","https://openalex.org/W2943568479","https://openalex.org/W2953056235","https://openalex.org/W2954539634","https://openalex.org/W2957305577","https://openalex.org/W2962912862","https://openalex.org/W2972552958","https://openalex.org/W2974072230","https://openalex.org/W2980075242","https://openalex.org/W2984871466","https://openalex.org/W2988809393","https://openalex.org/W2988961468","https://openalex.org/W2989588798","https://openalex.org/W2991150929","https://openalex.org/W2991585564","https://openalex.org/W3003433587","https://openalex.org/W3007360442","https://openalex.org/W3011866104","https://openalex.org/W3013376267","https://openalex.org/W3013896538","https://openalex.org/W3014902384","https://openalex.org/W3015800066","https://openalex.org/W3034402928","https://openalex.org/W3035775076","https://openalex.org/W3039822732","https://openalex.org/W3040422908","https://openalex.org/W3041133507","https://openalex.org/W3047892252","https://openalex.org/W3080622597","https://openalex.org/W3092602673","https://openalex.org/W3094219804","https://openalex.org/W3099702369","https://openalex.org/W3101124703","https://openalex.org/W3111126165","https://openalex.org/W3111237076","https://openalex.org/W3114468998","https://openalex.org/W3127601194","https://openalex.org/W3132588576","https://openalex.org/W3153302004","https://openalex.org/W3154028478","https://openalex.org/W3164397115","https://openalex.org/W3165106224","https://openalex.org/W3176588888","https://openalex.org/W3178593045","https://openalex.org/W3183350623","https://openalex.org/W3184269725","https://openalex.org/W3184395191","https://openalex.org/W3186276894","https://openalex.org/W3196385849","https://openalex.org/W3197120839","https://openalex.org/W3198362339","https://openalex.org/W3200413364","https://openalex.org/W3201224956","https://openalex.org/W3201228709","https://openalex.org/W3205163562","https://openalex.org/W3208928702","https://openalex.org/W3212046143","https://openalex.org/W3216490468","https://openalex.org/W4200030734","https://openalex.org/W4200267592","https://openalex.org/W4200428865","https://openalex.org/W4200569302","https://openalex.org/W4206211871","https://openalex.org/W4210935972","https://openalex.org/W4214733430","https://openalex.org/W4214744072","https://openalex.org/W4214850595","https://openalex.org/W4220729157","https://openalex.org/W4220801425","https://openalex.org/W4221155816","https://openalex.org/W4224312479","https://openalex.org/W4224581290","https://openalex.org/W4285212536","https://openalex.org/W4285295354","https://openalex.org/W4286630725","https://openalex.org/W4288461328","https://openalex.org/W4288760578","https://openalex.org/W4293077671","https://openalex.org/W4293742266","https://openalex.org/W4296367487","https://openalex.org/W4296913371","https://openalex.org/W4300687693","https://openalex.org/W4311493459","https://openalex.org/W4312250728","https://openalex.org/W4312333477","https://openalex.org/W4312653795","https://openalex.org/W4317796364","https://openalex.org/W4318189316","https://openalex.org/W4318337972","https://openalex.org/W4321097601","https://openalex.org/W4321214126","https://openalex.org/W4364382428","https://openalex.org/W4366447842","https://openalex.org/W4367319959","https://openalex.org/W4378071190","https://openalex.org/W4379879883","https://openalex.org/W4380996693","https://openalex.org/W4383981974","https://openalex.org/W4384835155","https://openalex.org/W4385175220","https://openalex.org/W4385569740","https://openalex.org/W4385872253","https://openalex.org/W4386838013","https://openalex.org/W4386988695","https://openalex.org/W4386996799","https://openalex.org/W4387097414","https://openalex.org/W4387427979","https://openalex.org/W4388141203","https://openalex.org/W4389332030","https://openalex.org/W4390673835","https://openalex.org/W6729193369","https://openalex.org/W6748641434","https://openalex.org/W6750318962","https://openalex.org/W6751870569","https://openalex.org/W6786854854","https://openalex.org/W6790032393","https://openalex.org/W6796944948","https://openalex.org/W6798681010","https://openalex.org/W6802317808","https://openalex.org/W6811031417"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W4253977752","https://openalex.org/W2942879794","https://openalex.org/W2964829536","https://openalex.org/W2904586340","https://openalex.org/W3120595989"],"abstract_inverted_index":{"Ransomware":[0,70],"attacks":[1],"are":[2],"on":[3,126,166,194],"the":[4,20,73,90,120,147,156,167,174,191,199,210],"rise":[5],"in":[6,68,146,220],"terms":[7],"of":[8,66,75,100,103,164,169,177,212],"both":[9],"frequency":[10],"and":[11,83,108,173,181,204,215],"impact.":[12],"The":[13,98],"shift":[14],"to":[15,19,27,32,45,63,88,111,115],"remote":[16],"work":[17,28],"due":[18],"COVID-19":[21],"pandemic":[22],"has":[23,40,105,123],"led":[24],"more":[25],"people":[26],"online,":[29],"prompting":[30],"companies":[31],"adapt":[33],"quickly.":[34],"Unfortunately,":[35],"this":[36,101,136,185,221],"increased":[37,137],"online":[38],"activity":[39],"provided":[41],"cybercriminals":[42],"numerous":[43],"opportunities":[44],"carry":[46],"out":[47],"devastating":[48],"attacks.":[49],"One":[50],"recent":[51],"method":[52],"employed":[53],"by":[54,79],"malicious":[55],"actors":[56],"involves":[57],"infecting":[58],"corporate":[59],"networks":[60],"with":[61],"ransomware":[62,127,170,195],"extract":[64],"millions":[65],"dollars":[67],"profits.":[69],"falls":[71],"into":[72,190],"category":[74],"malware.":[76],"It":[77],"works":[78],"encrypting":[80],"sensitive":[81],"data":[82],"demanding":[84],"payments":[85],"from":[86],"victims":[87],"receive":[89],"encryption":[91],"keys":[92],"necessary":[93],"for":[94,141],"decrypting":[95],"their":[96,113],"data.":[97],"prevalence":[99],"type":[102],"attack":[104],"prompted":[106],"governments":[107],"organisations":[109],"worldwide":[110],"intensify":[112],"efforts":[114],"combat":[116],"ransomware.":[117],"In":[118],"response,":[119],"research":[121,218],"community":[122],"also":[124],"focused":[125],"detection,":[128,178,196],"leveraging":[129],"technologies":[130],"such":[131],"as":[132],"machine":[133],"learning.":[134],"Despite":[135],"attention,":[138],"practical":[139,175],"solutions":[140],"real-world":[142],"applications":[143],"remain":[144],"scarce":[145],"existing":[148,192],"literature.":[149],"Numerous":[150],"surveys":[151],"have":[152],"explored":[153],"literature":[154,193],"within":[155],"domain.":[157],"Still,":[158],"there":[159],"is":[160],"a":[161],"notable":[162],"lack":[163],"emphasis":[165],"design":[168],"detection":[171,202],"systems":[172],"aspects":[176],"including":[179],"real-time":[180],"early":[182],"detection.":[183],"Against":[184],"backdrop,":[186],"our":[187],"review":[188],"delves":[189],"specifically":[197],"examining":[198],"machine-learning":[200],"techniques,":[201],"approaches,":[203],"designs":[205],"employed.":[206],"Finally,":[207],"we":[208],"highlight":[209],"limitations":[211],"prior":[213],"studies":[214],"propose":[216],"future":[217],"directions":[219],"crucial":[222],"area.":[223]},"counts_by_year":[{"year":2026,"cited_by_count":11},{"year":2025,"cited_by_count":30},{"year":2024,"cited_by_count":11}],"updated_date":"2026-06-14T07:44:22.658603","created_date":"2025-10-10T00:00:00"}