In recent years, ransomware has been one of the most notorious malware targeting end users, governments, and business organizations. It has become a very profitable business for cybercriminals with revenues of millions of dollars, and a very serious threat to organizations with financial loss of billions of dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, is becoming more prevalent in mobile devices, and has already hit IoT/CPS recently, and will likely grow further in the IoT/CPS domain very soon, understanding ransomware and analyzing defense mechanisms with respect to target platforms is becoming more imperative. In order to fill this gap and motivate further research, in this paper, we present a comprehensive survey on ransomware and ransomware defense research with respect to PCs/workstations, mobile devices, and IoT/CPS platforms. Specifically, covering 137 studies over the period of 1990-2020, we give a detailed overview of ransomware evolution, comprehensively analyze the key building blocks of ransomware, present a taxonomy of notable ransomware families, and provide an extensive overview of ransomware defense research (i.e., analysis, detection, and recovery) with respect to platforms of PCs/workstations, mobile devices, and IoT/CPS. Moreover, we derive an extensive list of open issues for future ransomware research. We believe this survey will motivate further research by giving a complete picture on state-of-the-art ransomware research.
翻译:近年来,赎金软件一直是针对最终用户、政府和工商组织最臭名昭著的恶意软件之一,已成为以数百万美元收入为收入的网络罪犯的一个非常有利可图的行业,对损失数十亿美元的组织构成了非常严重的威胁。提出了许多研究,以解决赎金软件的威胁,包括涵盖赎金软件研究某些方面的调查。然而,文献中没有任何研究能够全面反映赎金软件和赎金软件防御研究的目标平台的多样性。由于赎金软件已经在个人计算机/工作站/桌面/膝上型计算机/膝上型计算机中十分流行,在移动设备中日益流行,最近已经袭击了IoT/CPS, 并且有可能很快在IoT/CPS领域进一步增长。许多研究,了解赎金软件和分析与目标平台有关的防御机制,越来越迫切。为了填补这一空白,鼓励进一步研究,我们在本文件中,我们通过个人计算机/工作站、移动装置和IoT/CP平台对移动软件工具进行公开的辩护研究,在移动设备设备设备设备设备/服务器平台中日益流行,最近已经袭击了IoT/CP,而且很可能在IoT/CP领域进一步扩展地对赎金软件进行了研究,对1990年的赎金软件进行一项最新的研究,对赎金软件进行深入分析,对1990年的货币软件进行一项重要的研究,对货币系统研究,对1990年的升级系统研究,对1990年的系统进行一项明确的研究,对