A Short Criteria-Based Review of High-Performance Proactive Ransomware Analysis Models

Abstract

The Software that contains destructive commands intended to damage user data and systems is known as malware. The malware's objective is to take over the system without authorization, access private information, or even corrupt it. Over the past few years, several malware threats have been reintroduced. To demand a ransom, malicious software known as ransomware locks the victim's system or encrypts important data. Numerous studies have been conducted to stop and quickly recognize ransomware attacks. Therefore, detecting ransomware attacks as early as possible avoids the execution of malicious instructions that would otherwise damage user data and the system. In this study, we examine eight criteria across several aspects of the suggested solution to evaluate six state-of-the-art high-performance proactive ransomware detection models. Depending on how well each requirement is met, points are given to it. The evaluation results are compared with the claimed accuracy results. The ranking outcomes and potential areas for future improvement outlined by each model will then be presented. To the best of our knowledge, researchers in the field of proactive ransomware detection are more interested in increasing classification accuracy than they are in reducing latency. One crucial factor in defining a model as high-performance is latency. Model 5 (M5, Zhang et al. model) thus receives the highest score of 14 points. With only 2.44 seconds, the model minimized the classification latency. After comparison, it is strongly advised to look beyond the capabilities of machine learning algorithms to quickly identify and stop ransomware attacks.