With the popularization of smart devices such as smartphones and pads, Android ransomware attacks are getting more serious. Ransomware is widely loved by hackers because of its directness that is difficult to recover and can be beneficial compared to other malicious software, which can also cause serious psychological and property damage to users. In order to protect smart devices from ransomware and reduce threats and losses, researchers do a lot of research on Android ransomware and suggest many practical detection techniques. In this paper, first, the characteristics of Android ransomware are summarized, and the existing research for detecting and defending ransomware on the Android platform is summarized to be comprehensively analyzed and compared. Finally, the problems of these solutions are pointed out, and corresponding suggestions and future research directions are presented.
Ransomware, a form of malware that unreadable a user’s or organization’s most important files or data, is not a new threat to computer security. These destructive and financially motivated attacks, where cybercriminals require payment to decrypt data and restore access, have been studied and documented for many years. Today’s reality shows that these attacks are becoming more prevalent, affecting essential services such as healthcare or gasoline supply. However, despite attempts to thwart these threats, ransomware continues to affect organizations in all industries, significantly disrupting business processes and critical national infrastructure services, and many organizations are looking for ways to better protect themselves. Organizations that continue to rely on legacy systems are particularly vulnerable to ransomware threats. This is because these systems may not be regularly patched and maintained.
Strong protection against ransomware (and many other threats) requires multiple layers of defense. The National Institute of Standards and Technology (NIST) describes five key features of a cybersecurity framework that serve as key pillars of a successful and comprehensive cybersecurity program in public or private sector organizations.