
@Article{jcs.2026.082741,
AUTHOR = {Dakshnamoorthy Manivannan},
TITLE = {A Comprehensive and Critical Analysis of Ransomware Detection, Prevention, Mitigation, and Recovery Approaches},
JOURNAL = {Journal of Cyber Security},
VOLUME = {8},
YEAR = {2026},
NUMBER = {1},
PAGES = {397--468},
URL = {http://www.techscience.com/JCS/v8n1/67994},
ISSN = {2579-0064},
ABSTRACT = {Ransomware has emerged as one of the most disruptive and financially damaging forms of cybercrime, affecting individuals, enterprises, and critical infrastructures worldwide. Over the past decade, ransomware attacks have evolved from simple file-encryption malware to sophisticated, multi-stage campaigns involving data exfiltration, double extortion, and ransomware-as-a-service (RaaS) ecosystems. In response, a large body of research has proposed diverse techniques for detecting, preventing, mitigating, and recovering from ransomware attacks. This paper presents a comprehensive survey of ransomware research spanning behavioral and runtime detection, machine learning and deep learning-based approaches, network and SDN-based detection, platform-specific defenses for mobile and IoT environments, storage- and hardware-assisted protection mechanisms, deception-based defenses, and backup and recovery strategies. In addition, the survey examines adversarial evasion techniques, blockchain-based analysis of ransomware payments, economic and policy perspectives, and the real-world operational impacts of ransomware attacks, particularly in critical sectors such as healthcare. Based on a synthesis of the literature, we identify key open challenges related to adversarial robustness, dataset availability, evolving threat models, and the need for integrated cross-layer defense architectures. Finally, we outline promising research directions for developing scalable, resilient, and trustworthy ransomware defense mechanisms capable of addressing the rapidly evolving ransomware threat landscape.},
DOI = {10.32604/jcs.2026.082741}
}



