TY - EJOU AU - Manivannan, Dakshnamoorthy TI - A Comprehensive and Critical Analysis of Ransomware Detection, Prevention, Mitigation, and Recovery Approaches T2 - Journal of Cyber Security PY - 2026 VL - 8 IS - 1 SN - 2579-0064 AB - Ransomware has emerged as one of the most disruptive and financially damaging forms of cybercrime, affecting individuals, enterprises, and critical infrastructures worldwide. Over the past decade, ransomware attacks have evolved from simple file-encryption malware to sophisticated, multi-stage campaigns involving data exfiltration, double extortion, and ransomware-as-a-service (RaaS) ecosystems. In response, a large body of research has proposed diverse techniques for detecting, preventing, mitigating, and recovering from ransomware attacks. This paper presents a comprehensive survey of ransomware research spanning behavioral and runtime detection, machine learning and deep learning-based approaches, network and SDN-based detection, platform-specific defenses for mobile and IoT environments, storage- and hardware-assisted protection mechanisms, deception-based defenses, and backup and recovery strategies. In addition, the survey examines adversarial evasion techniques, blockchain-based analysis of ransomware payments, economic and policy perspectives, and the real-world operational impacts of ransomware attacks, particularly in critical sectors such as healthcare. Based on a synthesis of the literature, we identify key open challenges related to adversarial robustness, dataset availability, evolving threat models, and the need for integrated cross-layer defense architectures. Finally, we outline promising research directions for developing scalable, resilient, and trustworthy ransomware defense mechanisms capable of addressing the rapidly evolving ransomware threat landscape. KW - Ransomware detection; ransomware prevention; ransomware mitigation; computer security; network security; machine learning; deep learning; explainable AI; cybersecurity DO - 10.32604/jcs.2026.082741