Abstract:
Ransomware is one of the biggest threats to organizations in the current cybersecurity landscape with severe attacks causing
millions of United States Dollars in damages. Many have looked to newer technology, such as machine learning and artificial intelligence,
to identify and prevent these costly attacks. This review gathers and analyzes one hundred and five research papers to understand
what is being done in the field and the results of the reported experiments. The papers were then separated into groups depending on
the contents of the research. The suggested frameworks and reviews are judged qualitatively, and the experiment groups were judged
quantitatively by using simple statistics generated by the average reported accuracy of each machine learning classifier is calculated
to give a simple overview of popular classifiers and their performance. This data was then analyzed further by generating median,
mode, and standard deviation to better understand the reported performance of each classifier that appeared enough to make reasonable
inferences. Furthermore, this paper gives a generalized overview of commonly suggested implementations, and analyzes current
commercial solutions to show how these techniques have been adopted by major security providers such as Microsoft and CrowdStrike.
This paper concludes with suggestions of commonly successful classifiers in traditional testing, alongside suggestions for future research.
