Windows Based Ransomware Detection

Ransomware is a persistent and dynamic cyberthreat that primarily targets the widely used Windows operating system. The increasing sophistication of ransomware, characterized by advanced polymorphic behaviour, sophisticated encryption tactics, and evasive obfuscation techniques, continually undermines the efficacy of conventional security measures. This paper presents a systematic review of the literature on Windows-based ransomware detection published between 2020 and 2025. We critically evaluate the dominant detection paradigms, including behavioural analysis, machine learning, deep learning, and digital forensics. A comparative analysis of static, dynamic, and hybrid methodologies is conducted to assess their respective strengths and limitations in identifying modern ransomware variants. Furthermore, this review examines the benchmark datasets utilized for model training and validation, discusses persistent challenges such as zero-day threat detection and adversarial attacks, and synthesizes the findings to propose a forward-looking agenda for future research. By mapping the current state of the art, this paper aims to provide a comprehensive reference for researchers and practitioners dedicated to mitigating the ransomware threat in Windows environments.

• Publication year

  2025

• Venue

  2025 IEEE DELCON - International Conference on Recent Smart Technologies in Engineering for Sustainable Development

• Publication date

  2025-10-31

• Fields of study

  Not labeled

• Identifiers
  DOI 10.1109/DELCON68055.2025.11400392
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Utilizing windows event logs for malware detection using machine learning

  2025cited by this paper
• File Monitoring System for Ransomware Detection

  2025cited by this paper
• A Behavioral Analysis of Ransomware in Active Directory: A Case Study of BlackMatter, Conti, LockBit, and Midnight

  2025cited by this paper
• Addressing Behavioral Drift in Ransomware Early Detection Through Weighted Generative Adversarial Networks

  2024cited by this paper
• Ranker: Early Ransomware Detection Through Kernel-Level Behavioral Analysis

  2024cited by this paper
• Ransomware Detection: Leveraging Sandbox, Text Mining Techiques and Machine Learning

  2024cited by this paper
• A Comprehensive Review on Windows Forensic Based Ransomware Detection and Analysis

  2024cited by this paper
• Context-Aware Anomaly-based Detection for Ransomware using Multivariate Feature

  2024cited by this paper
• Malware Detection Through Windows System Call Analysis

  2024cited by this paper
• The Recent Trends in Ransomware Detection and Behaviour Analysis

  2024cited by this paper
• Enhanced Ransomware Detection Using Gradient Boosting Algorithms: A Cybersecurity Dataset Approach

  2024cited by this paper
• An Enhanced Ransomware Defense Strategy through Behavior-Based Detection using Machine Learning Algorithms

  2024cited by this paper
• Device Behavioral Profiling for Autonomous Protection Using Deep Neural Networks

  2023cited by this paper
• A Novel Method for Ransomware Family Detection on Deep Learning-based Models Using Adversarial Examples

  2023cited by this paper
• Static-RWArmor: A Static Analysis Approach for Prevention of Cryptographic Windows Ransomware

  2023cited by this paper
• Real-Time Ransomware Detection Method Based on TextGCN

  2023cited by this paper
• Opcode and API Based Machine Learning Framework For Malware Classification

  2022cited by this paper
• A Comprehensive API Call Analysis for Detecting Windows-Based Ransomware

  2022cited by this paper
• Policy-based and Behavioral Framework to Detect Ransomware Affecting Resource-constrained Sensors

  2022cited by this paper
• An Adversarial Reinforcement Learning Framework for Robust Machine Learning-based Malware Detection

  2022cited by this paper
• API-Based Ransomware Detection Using Machine Learning-Based Threat Detection Models

  2021cited by this paper
• Static Detection of Ransomware Using LSTM Network and PE Header

  2021cited by this paper
• Analysis of Crypto-Ransomware Using ML-Based Multi-Level Profiling

  2021cited by this paper
• Generative Adversarial Networks

  2021cited by this paper
• A Behaviour based Ransomware Detection using Neural Network Models

  2020cited by this paper
• A New Method for Ransomware Detection Based on PE Header Using Convolutional Neural Networks

  2020cited by this paper
• RATAFIA: Ransomware Analysis using Time And Frequency Informed Autoencoders

  2019cited by this paper

• No citing papers are available for this paper.