Jay Barach^*

CMC-Computers, Materials & Continua, Vol.86, No.2, pp. 1-23, 2026, DOI:10.32604/cmc.2025.071705 - 09 December 2025

Abstract Human Resource (HR) operations increasingly rely on cloud-based platforms that provide hiring, payroll, employee management, and compliance services. These systems, typically built on multi-tenant microservice architectures, offer scalability and efficiency but also expand the attack surface for adversaries. Ransomware has emerged as a leading threat in this domain, capable of halting workflows and exposing sensitive employee records. Traditional defenses such as static hardening and signature-based detection often fail to address the dynamic requirements of HR Software as a Service (SaaS), where continuous availability and privacy compliance are critical. This paper presents a Moving Target Defense… More >

Sapan Pandya^*

Journal of Cyber Security, Vol.7, pp. 637-651, 2025, DOI:10.32604/jcs.2025.073670 - 24 December 2025

Abstract Ransomware has evolved from opportunistic malware into a global economic weapon, crippling critical services and extracting billions in illicit revenue. While most research has centered on enterprise networks and healthcare systems, an equally vulnerable frontier is emerging in lottery and betting kiosks—self-service financial Internet of Things (IoT) devices that handle billions of dollars annually. These terminals operate unattended, rely on legacy operating systems, and interact with sensitive transactional data, making them prime ransomware targets. This paper introduces a Resilient Security Framework (RSF) for kiosks under ransomware threat conditions. RSF integrates three defensive layers: (1) prevention… More >

Asad Iqbal¹, Mehdi Hussain^1,*, Qaiser Riaz¹, Madiha Khalid¹, Rafia Mumtaz¹, Ki-Hyun Jung^2,*

CMC-Computers, Materials & Continua, Vol.85, No.1, pp. 1693-1714, 2025, DOI:10.32604/cmc.2025.064260 - 29 August 2025

Abstract Ransomware, particularly crypto-ransomware, remains a significant cybersecurity challenge, encrypting victim data and demanding a ransom, often leaving the data irretrievable even if payment is made. This study proposes an early detection approach to mitigate such threats by identifying ransomware activity before the encryption process begins. The approach employs a two-tiered approach: a signature-based method using hashing techniques to match known threats and a dynamic behavior-based analysis leveraging Cuckoo Sandbox and machine learning algorithms. A critical feature is the integration of the most effective Application Programming Interface call monitoring, which analyzes system-level interactions such as file More >

Muhammad Sibtain¹, Mehdi Hussain^1,*, Qaiser Riaz¹, Sana Qadir¹, Naveed Riaz¹, Ki-Hyun Jung^2,*

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5177-5199, 2025, DOI:10.32604/cmc.2025.066198 - 30 July 2025

Abstract Ransomware is malware that encrypts data without permission, demanding payment for access. Detecting ransomware on Android platforms is challenging due to evolving malicious techniques and diverse application behaviors. Traditional methods, such as static and dynamic analysis, suffer from polymorphism, code obfuscation, and high resource demands. This paper introduces a multi-stage approach to enhance behavioral analysis for Android ransomware detection, focusing on a reduced set of distinguishing features. The approach includes ransomware app collection, behavioral profile generation, dataset creation, feature identification, reduction, and classification. Experiments were conducted on ∼3300 Android-based ransomware samples, despite the challenges posed… More >

David Conway, Paolina Centonze^*

Journal of Cyber Security, Vol.7, pp. 71-78, 2025, DOI:10.32604/jcs.2025.063711 - 14 May 2025

Abstract Ransomware is a variant of malicious software that aims to encrypt data or whole systems to lock out the intended users. The attackers then demand a ransom for the decryption key to allow the intended users access to their data or system again. Ransomware attacks have the potential to be used against industries like healthcare and finance, as well as against the public sector, have threatened and forced the operations of key infrastructure used by millions to cease, and extorted millions and millions of dollars from victims. Automated methods have been designed and implemented to More >

Muhammad Armghan Latif¹, Zohaib Mushtaq^2,*, Saifur Rahman³, Saad Arif⁴, Salim Nasar Faraj Mursal³, Muhammad Irfan³, Haris Aziz⁵

CMES-Computer Modeling in Engineering & Sciences, Vol.142, No.2, pp. 1667-1695, 2025, DOI:10.32604/cmes.2024.056850 - 27 January 2025

Abstract Ransomware attacks pose a significant threat to critical infrastructures, demanding robust detection mechanisms. This study introduces a hybrid model that combines vision transformer (ViT) and one-dimensional convolutional neural network (1DCNN) architectures to enhance ransomware detection capabilities. Addressing common challenges in ransomware detection, particularly dataset class imbalance, the synthetic minority oversampling technique (SMOTE) is employed to generate synthetic samples for minority class, thereby improving detection accuracy. The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features, resulting in comprehensive ransomware classification. Tested on the UNSW-NB15 More >

Isha Sood^*, Varsha Sharma

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 2791-2818, 2024, DOI:10.32604/cmc.2024.055463 - 18 November 2024

Abstract Ransomware has emerged as a critical cybersecurity threat, characterized by its ability to encrypt user data or lock devices, demanding ransom for their release. Traditional ransomware detection methods face limitations due to their assumption of similar data distributions between training and testing phases, rendering them less effective against evolving ransomware families. This paper introduces TLERAD (Transfer Learning for Enhanced Ransomware Attack Detection), a novel approach that leverages unsupervised transfer learning and co-clustering techniques to bridge the gap between source and target domains, enabling robust detection of both known and unknown ransomware variants. The proposed method More >

Amardeep Singh¹, Hamad Ali Abosaq², Saad Arif³, Zohaib Mushtaq^4,*, Muhammad Irfan⁵, Ghulam Abbas⁶, Arshad Ali⁷, Alanoud Al Mazroa⁸

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 857-873, 2024, DOI:10.32604/cmc.2024.048036 - 25 April 2024

Abstract Data security assurance is crucial due to the increasing prevalence of cloud computing and its widespread use across different industries, especially in light of the growing number of cybersecurity threats. A major and ever-present threat is Ransomware-as-a-Service (RaaS) assaults, which enable even individuals with minimal technical knowledge to conduct ransomware operations. This study provides a new approach for RaaS attack detection which uses an ensemble of deep learning models. For this purpose, the network intrusion detection dataset “UNSW-NB15” from the Intelligent Security Group of the University of New South Wales, Australia is analyzed. In the… More >

Manal Abdullah Alohali¹, Muna Elsadig¹, Fahd N. Al-Wesabi², Mesfer Al Duhayyim³, Anwer Mustafa Hilal^4,*, Abdelwahed Motwakel⁴

Computer Systems Science and Engineering, Vol.46, No.3, pp. 3087-3102, 2023, DOI:10.32604/csse.2023.036802 - 03 April 2023

Abstract With the advent of the Internet of Things (IoT), several devices like sensors nowadays can interact and easily share information. But the IoT model is prone to security concerns as several attackers try to hit the network and make it vulnerable. In such scenarios, security concern is the most prominent. Different models were intended to address these security problems; still, several emergent variants of botnet attacks like Bashlite, Mirai, and Persirai use security breaches. The malware classification and detection in the IoT model is still a problem, as the adversary reliably generates a new variant… More >

Khaled M. Alalayah¹, Fatma S. Alrayes², Mohamed K. Nour³, Khadija M. Alaidarous¹, Ibrahim M. Alwayle¹, Heba Mohsen⁴, Ibrahim Abdulrab Ahmed⁵, Mesfer Al Duhayyim^6,*

Computer Systems Science and Engineering, Vol.46, No.3, pp. 3103-3119, 2023, DOI:10.32604/csse.2023.034034 - 03 April 2023

Abstract Malware is a ‘malicious software program that performs multiple cyberattacks on the Internet, involving fraud, scams, nation-state cyberwar, and cybercrime. Such malicious software programs come under different classifications, namely Trojans, viruses, spyware, worms, ransomware, Rootkit, botnet malware, etc. Ransomware is a kind of malware that holds the victim’s data hostage by encrypting the information on the user’s computer to make it inaccessible to users and only decrypting it; then, the user pays a ransom procedure of a sum of money. To prevent detection, various forms of ransomware utilize more than one mechanism in their attack… More >