Asad Iqbal¹, Mehdi Hussain^1,*, Qaiser Riaz¹, Madiha Khalid¹, Rafia Mumtaz¹, Ki-Hyun Jung^2,*

CMC-Computers, Materials & Continua, Vol.85, No.1, pp. 1693-1714, 2025, DOI:10.32604/cmc.2025.064260 - 29 August 2025

Abstract Ransomware, particularly crypto-ransomware, remains a significant cybersecurity challenge, encrypting victim data and demanding a ransom, often leaving the data irretrievable even if payment is made. This study proposes an early detection approach to mitigate such threats by identifying ransomware activity before the encryption process begins. The approach employs a two-tiered approach: a signature-based method using hashing techniques to match known threats and a dynamic behavior-based analysis leveraging Cuckoo Sandbox and machine learning algorithms. A critical feature is the integration of the most effective Application Programming Interface call monitoring, which analyzes system-level interactions such as file More >

Muhammad Sibtain¹, Mehdi Hussain^1,*, Qaiser Riaz¹, Sana Qadir¹, Naveed Riaz¹, Ki-Hyun Jung^2,*

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5177-5199, 2025, DOI:10.32604/cmc.2025.066198 - 30 July 2025

Abstract Ransomware is malware that encrypts data without permission, demanding payment for access. Detecting ransomware on Android platforms is challenging due to evolving malicious techniques and diverse application behaviors. Traditional methods, such as static and dynamic analysis, suffer from polymorphism, code obfuscation, and high resource demands. This paper introduces a multi-stage approach to enhance behavioral analysis for Android ransomware detection, focusing on a reduced set of distinguishing features. The approach includes ransomware app collection, behavioral profile generation, dataset creation, feature identification, reduction, and classification. Experiments were conducted on ∼3300 Android-based ransomware samples, despite the challenges posed… More >

David Conway, Paolina Centonze^*

Journal of Cyber Security, Vol.7, pp. 71-78, 2025, DOI:10.32604/jcs.2025.063711 - 14 May 2025

Abstract Ransomware is a variant of malicious software that aims to encrypt data or whole systems to lock out the intended users. The attackers then demand a ransom for the decryption key to allow the intended users access to their data or system again. Ransomware attacks have the potential to be used against industries like healthcare and finance, as well as against the public sector, have threatened and forced the operations of key infrastructure used by millions to cease, and extorted millions and millions of dollars from victims. Automated methods have been designed and implemented to More >

Isha Sood^*, Varsha Sharma

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 2791-2818, 2024, DOI:10.32604/cmc.2024.055463 - 18 November 2024

Abstract Ransomware has emerged as a critical cybersecurity threat, characterized by its ability to encrypt user data or lock devices, demanding ransom for their release. Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases, rendering them less effective against evolving ransomware families. This paper introduces TLERAD (Transfer Learning for Enhanced Ransomware Attack Detection), a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains, enabling robust detection of both known and unknown ransomware variants. The proposed method More >

Manal Abdullah Alohali¹, Muna Elsadig¹, Fahd N. Al-Wesabi², Mesfer Al Duhayyim³, Anwer Mustafa Hilal^4,*, Abdelwahed Motwakel⁴

Computer Systems Science and Engineering, Vol.46, No.3, pp. 3087-3102, 2023, DOI:10.32604/csse.2023.036802 - 03 April 2023

Abstract With the advent of the Internet of Things (IoT), several devices like sensors nowadays can interact and easily share information. But the IoT model is prone to security concerns as several attackers try to hit the network and make it vulnerable. In such scenarios, security concern is the most prominent. Different models were intended to address these security problems; still, several emergent variants of botnet attacks like Bashlite, Mirai, and Persirai use security breaches. The malware classification and detection in the IoT model is still a problem, as the adversary reliably generates a new variant… More >

Mesfer Al Duhayyim^1,*, Heba G. Mohamed², Fadwa Alrowais³, Fahd N. Al-Wesabi⁴, Anwer Mustafa Hilal⁵, Abdelwahed Motwakel⁵

Computer Systems Science and Engineering, Vol.46, No.2, pp. 1293-1310, 2023, DOI:10.32604/csse.2023.035589 - 09 February 2023

Abstract The Internet of Things (IoT) has gained more popularity in research because of its large-scale challenges and implementation. But security was the main concern when witnessing the fast development in its applications and size. It was a dreary task to independently set security systems in every IoT gadget and upgrade them according to the newer threats. Additionally, machine learning (ML) techniques optimally use a colossal volume of data generated by IoT devices. Deep Learning (DL) related systems were modelled for attack detection in IoT. But the current security systems address restricted attacks and can be… More >