Managing Cybersecurity Threats and Increasing Organizational Resilience

A special issue of Big Data and Cognitive Computing (ISSN 2504-2289).

Deadline for manuscript submissions: closed (30 September 2023) | Viewed by 63537

Printed Edition Available!
A printed edition of this Special Issue is available here.

Special Issue Information

Dear Colleagues,

This Special Issue, “Managing Cybersecurity Threats and Increasing Organizational Resilience”, aims to bring together researchers from various fields of study. Researchers involved in single-discipline, inter-disciplinary and multi-disciplinary studies are welcome to submit a paper for peer review. Studies that address academic and industrial cybersecurity problems, and that provide insights into how cybersecurity threats can be dealt with, are welcome, as are papers that address current and future issues and challenges, and explain how managers and policymakers in both the private sector and the public sector deal with specific issues. A key focus of this Special Issue is to show how researchers are studying the complexities associated with various cyber attacks and how frameworks, models and concepts can be used to provide better intelligence so that the organization can be made more resilient. It is envisaged that a range of papers will be forthcoming that cover various perspectives on this topic. For example, papers of a quantitative as well as those of a qualitative nature are welcome. Papers may be theoretical, empirical, written in the form of a literature review or presented as a case study. They can also be industry-specific or general in nature. The main emphasis is to have a collection of papers that broaden the scope and interpretation of cybersecurity so that the threats identified can be established and recommendations made as to how the organization can be made more resilient and better able to deal with such threats. Of interest is a mix of theoretical and applied papers outlining current knowledge and offering unique solutions or interpretations of the subject matter; alternatively, critiques based on the established facts would also be appreciated.

This Special Issue will complement the existing literature and broaden our knowledge by placing cybersecurity within a wider context. The papers submitted are expected to cover a number of academic fields and link concepts and models with management applications and government policy. Papers can be very specific in nature or broad-based. They should appeal to various audiences including academics, researchers, students, business practitioners and government representatives. 

Potential topics include, but are not limited to, the following:

  • Artificial intelligence and analytics;
  • Artificial intelligence capabilities;
  • Artificial intelligence and human interaction;
  • Artificial intelligence platform categories;
  • Big data—in the context of management systems, government guidelines and policies and keeping data secure;
  • Biometrics and security;
  • Cognitive processes and learning;
  • Cybercrime and its various forms;
  • Cybersecurity challenges and solutions;
  • Cyberterrorism and the nature of the threat;
  • Cyberwarfare in the context of new approaches to warfare;
  • Data management;
  • Emergency planning;
  • Enterprise risk management;
  • Governance and compliance;
  • Impact analysis and how to undertake it;
  • Information management and the role of the risk manager;
  • Information systems and how to secure intra- and intercompany connections;
  • Infrastructure and resilience;
  • Information technology;
  • Knowledge sharing and development;
  • Operating models;
  • Partnership arrangements;
  • People and technology and identifying vulnerabilities;
  • Public and private sector organizations;
  • Risk analysis and various approaches;
  • Risk management and associated responsibilities;
  • Strategy and planning in the context of dealing with risk and uncertainty;
  • Technology and teams;
  • Threat analysis and how it is managed;
  • Scenario analysis and planning in the context of dealing with crises.

Dr. Peter R.J. Trim
Dr. Yang-Im Lee
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Big Data and Cognitive Computing is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • artificial intelligence
  • big data
  • biometrics
  • the cloud
  • cognitive processes
  • cyber attack
  • cybercrime
  • cybersecurity
  • cyberterrorism
  • cyberwarfare
  • data management
  • data storage
  • impact analysis
  • information management
  • information systems
  • infrastructure
  • knowledge
  • models
  • people and technology
  • risk analysis
  • risk management
  • strategy and planning
  • resilience
  • threat analysis
  • scenario analysis and planning

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (12 papers)

Editorial

3 pages, 180 KiB  
Editorial
Managing Cybersecurity Threats and Increasing Organizational Resilience
by Peter R. J. Trim and Yang-Im Lee
Big Data Cogn. Comput. 2023, 7(4), 177; https://doi.org/10.3390/bdcc7040177 - 22 Nov 2023
Cited by 2 | Viewed by 2411
Abstract
Cyber security is high up on the agenda of senior managers in private and public sector organizations and is likely to remain so for the foreseeable future. [...] Full article

Research

19 pages, 1817 KiB  
Article
Assessment of Security KPIs for 5G Network Slices for Special Groups of Subscribers
by Roman Odarchenko, Maksim Iavich, Giorgi Iashvili, Solomiia Fedushko and Yuriy Syerov
Big Data Cogn. Comput. 2023, 7(4), 169; https://doi.org/10.3390/bdcc7040169 - 26 Oct 2023
Cited by 4 | Viewed by 3613
Abstract
It is clear that 5G networks have already become integral to our present. However, a significant issue lies in the fact that current 5G communication systems are incapable of fully ensuring the required quality of service and the security of transmitted data, especially in government networks that operate in the context of the Internet of Things, hostilities, hybrid warfare, and cyberwarfare. The use of 5G extends to critical infrastructure operators and special users such as law enforcement, governments, and the military. Adapting modern cellular networks to meet the specific needs of these special users is not only feasible but also necessary. In doing so, these networks must meet additional stringent requirements for reliability, performance, and, most importantly, data security. This scientific paper is dedicated to addressing the challenges associated with ensuring cybersecurity in this context. To effectively improve or ensure a sufficient level of cybersecurity, it is essential to measure the primary indicators of the effectiveness of the security system. At the moment, there are no comprehensive lists of these key indicators that require priority monitoring. Therefore, this article first analyzed the existing similar indicators and presented a list of them, which will make it possible to continuously monitor the state of cybersecurity systems of 5G cellular networks with the aim of using them for groups of special users. Based on this list of cybersecurity KPIs, as a result, this article presents a model to identify and evaluate these indicators. To develop this model, we comprehensively analyzed potential groups of performance indicators, selected the most relevant ones, and introduced a mathematical framework for their quantitative assessment. Furthermore, as part of our research efforts, we proposed enhancements to the core of the 4G/5G network. 
These enhancements enable data collection and statistical analysis through specialized sensors and existing servers, contributing to improved cybersecurity within these networks. Thus, the approach proposed in the article opens up an opportunity for continuous monitoring and, accordingly, improving the performance indicators of cybersecurity systems, which in turn makes it possible to use them for the maintenance of critical infrastructure and other users whose service presents increased requirements for cybersecurity systems. Full article

22 pages, 551 KiB  
Article
Cybersecurity Awareness Assessment among Trainees of the Technical and Vocational Training Corporation
by Shouq Alrobaian, Saif Alshahrani and Abdulaziz Almaleh
Big Data Cogn. Comput. 2023, 7(2), 73; https://doi.org/10.3390/bdcc7020073 - 12 Apr 2023
Cited by 9 | Viewed by 4653
Abstract
People are the weakest link in the cybersecurity chain when viewed in the context of technological advancement. People become vulnerable to trickery through contemporary technical developments such as social media platforms. Information accessibility and flow have increased rapidly and effectively; however, due to this increase, new electronic risks, or so-called cybercrime, such as phishing, scams, and hacking, lead to privacy breaches and hardware sabotage. Therefore, ensuring data privacy is vital, particularly in an educational institute where students constitute the large majority of users. Students or trainees violate cybersecurity policies due to their lack of awareness about the cybersecurity environment and the consequences of cybercrime. This paper aims to assess the level of awareness of cybersecurity, users’ activities, and user responses to cybersecurity issues. This paper collected data based on a distributed questionnaire among trainees in the Technical and Vocational Training Corporation (TVTC) to demonstrate the necessity of increasing user awareness and training. In this study, quantitative research techniques were utilized to analyze the responses from trainees using tests such as the Chi-Squared test. Proof of the reliability of the survey was provided using Cronbach’s alpha test. This research identifies the deficiencies in cybersecurity awareness among TVTC trainees. After analyzing the gathered data, recommendations for tackling these shortcomings were offered, with the aim of enhancing trainees’ decision-making skills regarding privacy and security using the Nudge model. Full article

26 pages, 1289 KiB  
Article
Threat Hunting Architecture Using a Machine Learning Approach for Critical Infrastructures Protection
by Mario Aragonés Lozano, Israel Pérez Llopis and Manuel Esteve Domingo
Big Data Cogn. Comput. 2023, 7(2), 65; https://doi.org/10.3390/bdcc7020065 - 30 Mar 2023
Cited by 4 | Viewed by 6325
Abstract
The number and the diversity in nature of daily cyber-attacks have increased in the last few years, and trends show that both will grow exponentially in the near future. Critical Infrastructures (CI) operators are not excluded from these issues; therefore, CIs’ Security Departments must have their own group of IT specialists to prevent and respond to cyber-attacks. To introduce more challenges in the existing cyber security landscape, many attacks are unknown until they spawn, even a long time after their initial actions, posing increasing difficulties on their detection and remediation. To be reactive against those cyber-attacks, usually defined as zero-day attacks, organizations must have Threat Hunters at their security departments that must be aware of unusual behaviors and Modus Operandi. Threat Hunters must face vast amounts of data (mainly benign and repetitive, and following predictable patterns) in short periods to detect any anomaly, with the associated cognitive overwhelming. The application of Artificial Intelligence, specifically Machine Learning (ML) techniques, can remarkably impact the real-time analysis of those data. Not only that, but providing the specialists with useful visualizations can significantly increase the Threat Hunters’ understanding of the issues that they are facing. Both of these can help to discriminate between harmless data and malicious data, alleviating analysts from the above-mentioned overload and providing means to enhance their Cyber Situational Awareness (CSA). This work aims to design a system architecture that helps Threat Hunters, using a Machine Learning approach and applying state-of-the-art visualization techniques in order to protect Critical Infrastructures based on a distributed, scalable and online configurable framework of interconnected modular components. Full article

24 pages, 804 KiB  
Article
On the Way to Automatic Exploitation of Vulnerabilities and Validation of Systems Security through Security Chaos Engineering
by Sara Palacios Chavarro, Pantaleone Nespoli, Daniel Díaz-López and Yury Niño Roa
Big Data Cogn. Comput. 2023, 7(1), 1; https://doi.org/10.3390/bdcc7010001 - 20 Dec 2022
Cited by 4 | Viewed by 3201
Abstract
Software is behind the technological solutions that deliver many services to our society, which means that software security should not be considered a desirable feature anymore but more of a necessity. Protection of software is an endless labor that includes the improvement of security controls but also the understanding of the sources that induce incidents, which in many cases are due to bad implementation or assumptions of controls. As traditional methods may not be efficient in detecting those security assumptions, novel alternatives must be attempted. In this sense, Security Chaos Engineering (SCE) becomes an innovative methodology based on the definition of a steady state, a hypothesis, experiments, and metrics, which allow to identify failing components and ultimately protect assets under cyber risk scenarios. As an extension of a previous work, this paper presents ChaosXploit, an SCE-powered framework that employs a knowledge database, composed of attack trees, to expose vulnerabilities that exist in a software solution that has been previously defined as a target. The use of ChaosXploit may be part of a defensive security strategy to detect and correct software misconfigurations at an early stage. Finally, different experiments are described and executed to validate the feasibility of ChaosXploit in terms of auditing the security of cloud-managed services, i.e., Amazon buckets, which may be prone to misconfigurations and, consequently, targeted by potential cyberattacks. Full article

13 pages, 2240 KiB  
Article
Proposal of Decentralized P2P Service Model for Transfer between Blockchain-Based Heterogeneous Cryptocurrencies and CBDCs
by Keundug Park and Heung-Youl Youm
Big Data Cogn. Comput. 2022, 6(4), 159; https://doi.org/10.3390/bdcc6040159 - 19 Dec 2022
Cited by 5 | Viewed by 3562
Abstract
This paper proposes a solution to the transfer problem between blockchain-based heterogeneous cryptocurrencies and CBDCs, with research derived from an analysis of the existing literature. Interoperability between heterogeneous blockchains has been an obstacle to service diversity and user convenience. Many types of cryptocurrencies are currently trading on the market, and many countries are researching and testing central bank digital currencies (CBDCs). In this paper, existing interoperability studies and solutions between heterogeneous blockchains and differences from the proposed service model are described. To enhance digital financial services and improve user convenience, transfer between heterogeneous cryptocurrencies, transfer between heterogeneous CBDCs, and transfer between cryptocurrency and CBDC should be required. This paper proposes an interoperable architecture between heterogeneous blockchains, and a decentralized peer-to-peer (P2P) service model based on the interoperable architecture for transferring between blockchain-based heterogeneous cryptocurrencies and CBDCs. Security threats to the proposed service model are identified and security requirements to prevent the identified security threats are specified. The mentioned security threats and security requirements should be considered when implementing the proposed service model. Full article

15 pages, 2125 KiB  
Article
Security and Privacy Threats and Requirements for the Centralized Contact Tracing System in Korea
by Sungchae Park and Heung-Youl Youm
Big Data Cogn. Comput. 2022, 6(4), 143; https://doi.org/10.3390/bdcc6040143 - 28 Nov 2022
Cited by 2 | Viewed by 4454
Abstract
As COVID-19 became a pandemic worldwide, contact tracing technologies and information systems were developed for quick control of infectious diseases in both the private and public sectors. This study aims to strengthen the data subject’s security, privacy, and rights in a centralized contact tracing system adopted for a quick response to the spread of infectious diseases due to climate change, increasing cross-border movement, etc. There are several types of contact tracing systems: centralized, decentralized, and hybrid models. This study demonstrates the privacy model for a centralized contact tracing system, focusing on the case in Korea. Hence, we define security and privacy threats to the centralized contact tracing system. The threat analysis involved mapping the threats in ITU-T X.1121; in order to validate the defined threats, we used LINDDUN and STRIDE to map the threats. In addition, this study provides security requirements for each threat defined for more secure utilization of the centralized contact tracing system. Full article

13 pages, 367 KiB  
Article
PSO-Driven Feature Selection and Hybrid Ensemble for Network Anomaly Detection
by Maya Hilda Lestari Louk and Bayu Adhi Tama
Big Data Cogn. Comput. 2022, 6(4), 137; https://doi.org/10.3390/bdcc6040137 - 13 Nov 2022
Cited by 8 | Viewed by 2874
Abstract
As a system capable of monitoring and evaluating illegitimate network access, an intrusion detection system (IDS) profoundly impacts information security research. Since machine learning techniques constitute the backbone of IDS, it has been challenging to develop an accurate detection mechanism. This study aims to enhance the detection performance of IDS by using a particle swarm optimization (PSO)-driven feature selection approach and hybrid ensemble. Specifically, the final feature subsets derived from different IDS datasets, i.e., NSL-KDD, UNSW-NB15, and CICIDS-2017, are trained using a hybrid ensemble, comprising two well-known ensemble learners, i.e., gradient boosting machine (GBM) and bootstrap aggregation (bagging). Instead of training GBM with individual ensemble learning, we train GBM on a subsample of each intrusion dataset and combine the final class prediction using majority voting. Our proposed scheme led to pivotal refinements over existing baselines, such as TSE-IDS, voting ensembles, weighted majority voting, and other individual ensemble-based IDS such as LightGBM. Full article

19 pages, 2139 KiB  
Article
Botnet Detection Employing a Dilated Convolutional Autoencoder Classifier with the Aid of Hybrid Shark and Bear Smell Optimization Algorithm-Based Feature Selection in FANETs
by Nejood Faisal Abdulsattar, Firas Abedi, Hayder M. A. Ghanimi, Sachin Kumar, Ali Hashim Abbas, Ali S. Abosinnee, Ahmed Alkhayyat, Mustafa Hamid Hassan and Fatima Hashim Abbas
Big Data Cogn. Comput. 2022, 6(4), 112; https://doi.org/10.3390/bdcc6040112 - 11 Oct 2022
Cited by 21 | Viewed by 2266
Abstract
Flying ad hoc networks (FANETs) or drone technologies have attracted great focus recently because of their crucial implementations. Hence, diverse research has been performed on establishing FANET implementations in disparate disciplines. Indeed, civil airspaces have progressively embraced FANET technology in their systems. Nevertheless, the FANETs’ distinct characteristics can be tuned and reinforced for evolving security threats (STs), specifically for intrusion detection (ID). In this study, we introduce a deep learning approach to detect botnet threats in FANET. The proposed approach uses a hybrid shark and bear smell optimization algorithm (HSBSOA) to extract the essential features. This hybrid algorithm allows for searching different feature solutions within the search space regions to guarantee a superior solution. Then, a dilated convolutional autoencoder classifier is used to detect and classify the security threats. Some of the most common botnet attacks use the N-BaIoT dataset, which automatically learns features from raw data to capture a malicious file. The proposed framework is named the hybrid shark and bear smell optimized dilated convolutional autoencoder (HSBSOpt_DCA). The experiments show that the proposed approach outperforms existing models such as CNN-SSDI, BI-LSTM, ODNN, and RPCO-BCNN. The proposed HSBSOpt_DCA can achieve improvements of 97% accuracy, 89% precision, 98% recall, and 98% F1-score as compared with those existing models. Full article

20 pages, 299 KiB  
Article
Combining Sociocultural Intelligence with Artificial Intelligence to Increase Organizational Cyber Security Provision through Enhanced Resilience
by Peter R. J. Trim and Yang-Im Lee
Big Data Cogn. Comput. 2022, 6(4), 110; https://doi.org/10.3390/bdcc6040110 - 8 Oct 2022
Cited by 7 | Viewed by 3732
Abstract
Although artificial intelligence (AI) and machine learning (ML) can be deployed to improve cyber security management, not all managers understand the different types of AI/ML and how they are to be deployed alongside the benefits associated with sociocultural intelligence. The aim of this paper was to provide a context within which managers can better appreciate the role that sociocultural intelligence plays so that they can better utilize AI/ML to facilitate cyber threat intelligence (CTI). We focused our attention on explaining how different approaches to intelligence (i.e., the intelligence cycle (IC) and the critical thinking process (CTP)) can be combined and linked with cyber threat intelligence (CTI) so that AI/ML is used effectively. A small group interview was undertaken with five senior security managers based in a range of companies, all of whom had extensive security knowledge and industry experience. The findings suggest that organizational learning, transformational leadership, organizational restructuring, crisis management, and corporate intelligence are fundamental components of threat intelligence and provide a basis upon which a cyber threat intelligence cycle process (CTICP) can be developed to aid the resilience building process. The benefit of this is to increase organizational resilience by more firmly integrating the intelligence activities of the business so that a proactive approach to cyber security management is achieved. Full article

17 pages, 715 KiB  
Article
Argumentation-Based Query Answering under Uncertainty with Application to Cybersecurity
by Mario A. Leiva, Alejandro J. García, Paulo Shakarian and Gerardo I. Simari
Big Data Cogn. Comput. 2022, 6(3), 91; https://doi.org/10.3390/bdcc6030091 - 26 Aug 2022
Cited by 7 | Viewed by 2628
Abstract
Decision support tools are key components of intelligent sociotechnical systems, and their successful implementation faces a variety of challenges, including the multiplicity of information sources, heterogeneous format, and constant changes. Handling such challenges requires the ability to analyze and process inconsistent and incomplete information with varying degrees of associated uncertainty. Moreover, some domains require the system’s outputs to be explainable and interpretable; an example of this is cyberthreat analysis (CTA) in cybersecurity domains. In this paper, we first present the P-DAQAP system, an extension of a recently developed query-answering platform based on defeasible logic programming (DeLP) that incorporates a probabilistic model and focuses on delivering these capabilities. After discussing the details of its design and implementation, and describing how it can be applied in a CTA use case, we report on the results of an empirical evaluation designed to explore the effectiveness and efficiency of a possible world sampling-based approximate query answering approach that addresses the intractability of exact computations. Full article

Review

24 pages, 9790 KiB  
Review
Ransomware Detection Using Machine Learning: A Survey
by Amjad Alraizza and Abdulmohsen Algarni
Big Data Cogn. Comput. 2023, 7(3), 143; https://doi.org/10.3390/bdcc7030143 - 16 Aug 2023
Cited by 24 | Viewed by 21926
Abstract
Ransomware attacks pose significant security threats to personal and corporate data and information. The owners of computer-based resources suffer from verification and privacy violations, monetary losses, and reputational damage due to successful ransomware assaults. As a result, it is critical to accurately and swiftly identify ransomware. Numerous methods have been proposed for identifying ransomware, each with its own advantages and disadvantages. The main objective of this research is to discuss current trends in and potential future debates on automated ransomware detection. This document includes an overview of ransomware, a timeline of assaults, and details on their background. It also provides comprehensive research on existing methods for identifying, avoiding, minimizing, and recovering from ransomware attacks. An analysis of studies between 2017 and 2022 is another advantage of this research. This provides readers with up-to-date knowledge of the most recent developments in ransomware detection and highlights advancements in methods for combating ransomware attacks. In conclusion, this research highlights unanswered concerns and potential research challenges in ransomware detection. Full article
