Research Article
Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls
Table 2
Summary in detail of the existing literature (detection, classification, and computational models for RW).
| | | PC | Mobile | | Data Source | Statistics | Machine learning-based | Outcome | Accuracy | Ref. | Network | Windows | Mac | Linux | Raspberry | Android | IOS | Cloud | Dynamic analysis | Static analysis | Honeypot | Statistic | Random forest | Decision tree | Dimension reduction | Support vector machine | Clustering | Deep learning | Ensemble | Neural network | Regularization | Rule system | Regression | Binary classification | Multiclass classification | Clustering | Accuracy | True positive rate | False positive rate | True negative rate | False negative rate | Precision | Measure | Time |
| [16] | | | | x | | | | | | | | | | x | | | | | | | | | | x | | | x | x | x | | | | | | [17] | | | | | | | | | | x | | | | | | | | | | x | | | | x | | | x | | | x | x | | | x | [18] | | x | | | | | | | x | | | x | | | | | | | | | | | | | | | | | | | | | | | [19] | | x | | | | | | | | x | | | x | | | | | | | | | | | x | | | x | | | | | | | | [4] | | | | | | | | | | x | | | x | | | | | | | | | | | | | | | | x | | x | | | | [20] | | | | | | | | | x | | | | x | | | | | | | | | | | | | | | | x | | x | | | | [21] | | | | | | | | | x | x | | | x | | | | | | | | | | | | | | | | | | | | | | [22] | | | | | | | | | x | | | | | | | | | | | | | | x | | | | | | x | | x | | | | [23] | | x | | | | | | | | | | | x | | | | | | | | | | | x | | | | | | | | | | | [24] | | | | | | | | | | | | | | | | x | | | | | | | | | | | x | | | | | | | | [25] | | | | | | | | | | | | | | | | | | | | x | | | | | | | | | x | | x | | | | [26] | | | | | | | | | | | | | | | | | | | | x | | | | x | | | x | | | | | | | | Total | 0 | 3 | 0 | 1 | 0 | 0 | 0 | 0 | 4 | 4 | 0 | 1 | 5 | 1 | 0 | 1 | 0 | 0 | 0 | 3 | 0 | 0 | 1 | 5 | 0 | 0 | 5 | 1 | 5 | 1 | 5 | 0 | 0 | 1 |
|
|