Ransomware Mitigation in the Modern Era: A Comprehensive Review, Research Challenges, and Future Directions

Although ransomware has been around since the early days of personal computers, its sophistication and aggression have increased substantially over the years. Ransomware, as a type of malware to extort ransom payments from victims, has evolved to deliver payloads in different attack vectors and on multiple platforms, and creating repeated disruptions and financial loss to many victims. Many studies have performed ransomware analysis and/or presented detection, defense, or prevention techniques for ransomware. However, because the ransomware landscape has evolved aggressively, many of those studies have become less relevant or even outdated. Previous surveys on anti-ransomware studies have compared the methods and results of the studies they surveyed, but none of those surveys has attempted to critique on the internal or external validity of those studies. In this survey, we first examined the up-to-date concept of ransomware, and listed the inadequacies in current ransomware research. We then proposed a set of unified metrics to evaluate published studies on ransomware mitigation, and applied the metrics to 118 such studies to comprehensively compare and contrast their pros and cons, with the attempt to evaluate their relative strengths and weaknesses. Finally, we forecast the future trends of ransomware evolution, and propose future research directions.

Centralized, Distributed, and Everything in between

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.

Human Factors in Phishing Attacks: A Systematic Literature Review

Phishing is the fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity in digital communication. It is a type of cyber attack often successful because users are not aware of their vulnerabilities or are unable to understand the risks. This article presents a systematic literature review conducted to draw a “big picture” of the most important research works performed on human factors and phishing. The analysis of the retrieved publications, framed along the research questions addressed in the systematic literature review, helps in understanding how human factors should be considered to defend against phishing attacks. Future research directions are also highlighted.

Data Analytics for Air Travel Data: A Survey and New Perspectives

From the start, the airline industry has remarkably connected countries all over the world through rapid long-distance transportation, helping people overcome geographic barriers. Consequently, this has ushered in substantial economic growth, both nationally and internationally. The airline industry produces vast amounts of data, capturing a diverse set of information about their operations, including data related to passengers, freight, flights, and much more. Analyzing air travel data can advance the understanding of airline market dynamics, allowing companies to provide customized, efficient, and safe transportation services. Due to big data challenges in such a complex environment, the benefits of drawing insights from the air travel data in the airline industry have not yet been fully explored. This article aims to survey various components and corresponding proposed data analysis methodologies that have been identified as essential to the inner workings of the airline industry. We introduce existing data sources commonly used in the papers surveyed and summarize their availability. Finally, we discuss several potential research directions to better harness airline data in the future. We anticipate this study to be used as a comprehensive reference for both members of the airline industry and academic scholars with an interest in airline research.

A Survey on Blockchain Interoperability: Past, Present, and Future Trends

Blockchain interoperability is emerging as one of the crucial features of blockchain technology, but the knowledge necessary for achieving it is fragmented. This fact makes it challenging for academics and the industry to achieve interoperability among blockchains seamlessly. Given this new domain’s novelty and potential, we conduct a literature review on blockchain interoperability by collecting 284 papers and 120 grey literature documents, constituting a corpus of 404 documents. From those 404 documents, we systematically analyzed and discussed 102 documents, including peer-reviewed papers and grey literature. Our review classifies studies in three categories: Public Connectors, Blockchain of Blockchains, and Hybrid Connectors. Each category is further divided into sub-categories based on defined criteria. We classify 67 existing solutions in one sub-category using the Blockchain Interoperability Framework, providing a holistic overview of blockchain interoperability. Our findings show that blockchain interoperability has a much broader spectrum than cryptocurrencies and cross-chain asset transfers. Finally, this article discusses supporting technologies, standards, use cases, open challenges, and future research directions, paving the way for research in the area.

Graph Neural Networks: Taxonomy, Advances, and Trends

Graph neural networks provide a powerful toolkit for embedding real-world graphs into low-dimensional spaces according to specific tasks. Up to now, there have been several surveys on this topic. However, they usually lay emphasis on different angles so that the readers cannot see a panorama of the graph neural networks. This survey aims to overcome this limitation and provide a systematic and comprehensive review on the graph neural networks. First of all, we provide a novel taxonomy for the graph neural networks, and then refer to up to 327 relevant literatures to show the panorama of the graph neural networks. All of them are classified into the corresponding categories. In order to drive the graph neural networks into a new stage, we summarize four future research directions so as to overcome the challenges faced. It is expected that more and more scholars can understand and exploit the graph neural networks and use them in their research community.