This document summarizes 12 sources on topics related to cybersecurity threats such as spam, phishing, ransomware, and malware detection techniques. The sources discuss using machine learning algorithms and heuristic approaches to detect spam accounts, phishing websites, and ransomware variants. Some propose new techniques like using Twitter data and mobile messages to detect spam or combining feature selection with metaheuristic algorithms to identify phishing sites. Others analyze hyperlinks or topic distributions to identify phishing attacks or classify anti-phishing solutions. The document also mentions the rise of ransomware attacks and techniques used in related studies.

1. A Literature Review
Spammers have discovered that short message communication technologies, such as mobile and
microblogging social networks, are ideal platforms for disseminating unsolicited content (add
here reference 1). They have suggested a unified architecture that uses Twitter and mobile data
as test samples to detect spam messages and spam accounts. This paper investigated a bio-inspired
evolutionary search strategy to find a minimum number of attributes for spam account detection
on Twitter.
Apart from the developers' principal purposes, the Internet is in ubiquitous growth as a vital
component of daily social activities, and users are continually exposed to online risks. Such
vulnerabilities could result in the loss of crucial financial and personal data, as well as identity
theft in e-commerce (add reference 2). They have proposed a phishing website detection method
that combines a feature selection strategy with a meta-heuristic-based nonlinear regression
algorithm. This study has used two feature selection methods: decision tree and wrapper. Harmony
search (HS), which uses a nonlinear regression technique, and support vector machine, which uses
a support vector machine (SVM). The parameters of the suggested regression model were
produced using the HS technique, and the nonlinear regression approach was utilized to classify
the websites.
(add reference 3) stated that smartphone threats have evolved into one of the most significant
cyberspace risks; as a result, several commercial and academic solutions have been developed to
counter these threats. They have presented two injection techniques: benign permissions injection
and benign permissions-code injection. To produce disguised datasets based on a well-known
harmful dataset, the proposed injection assaults were combined with another technique termed app
re-signing attack.
Every electronic message has the potential to be a phishing attempt. If recipients misjudge the
threat, they risk identity theft, ransomware, malware, or worse for themselves and anyone
connected to them (add reference 4). If recipients overestimate the threat, they may pay
unnecessary expenses, which may reduce their willingness and ability to respond in the long run.
"Cognition about cognition" is how metacognition was defined in their study. It referred to people's
perceptions about their capacity to identify phishing emails.
Phishing is an online scam in which a phisher gains unauthorized access to a user's system to obtain
personal information in exchange for money. Phishing can be done in a variety of methods,
including through emails, phone calls, instant chats, adverts, and popups on websites, as well as
DNS poisoning, add reference 5. The research technique for this study was a full classification of
anti-phishing solutions. The purpose of this classification was to give a general overview of anti-
phishing solutions as well as the amount of research done in this field.

2. According to (add reference 6 here) the number of ransomware attacks has risen considerably in
recent years. Because the number of ransomware variations is growing, signature and heuristic-
based detection techniques are becoming more difficult to perform. In an attempt to characterize
all versions of each ransomware family into one model, they have constructed a prediction model
of ransomware. The process entailed constructing a safe environment to analyze the ransomware
samples as well as developing a classifier. In addition to this model, they have conducted a user
study to gain a better understanding of the ransomware deployment process.
Phishing is one of the most serious security risks on the Internet today. In this attack, the user
enters sensitive information like as credit card numbers, passwords, and other personal information
into a false website that appears to be legitimate add reference 7. This study proposed a novel
method for detecting phishing attacks by analyzing hyperlinks in the website's HTML source code.
To detect phishing attacks, the suggested technique added several unique and remarkable
hyperlink-specific properties. The proposed method split hyperlink-specific information into 12
categories and used these categories to train machine learning algorithms.
Reference 8 has stated that due to its widespread use, social media has become a common medium
for malevolent users known as social spammers to bombard regular users with undesirable content.
On social media, detecting spammers is always a difficult task. They have proposed a new
spammer classification method based on the LDA (Latent Dirichlet Allocation) topic model. Their
approach captured the spamming essence by retrieving both global and local data regarding topic
distribution patterns. One benchmark dataset and one self-gathered data set were used to test the
approach. In terms of average FI-score, this proposed approach surpasses previous state-of-the-art
approaches.
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in
accurately detecting intrusions add here reference 9. Failure to prevent the intrusions could
degrade the credibility of security services, e.g. data confidentiality, integrity, and
availability. AIDS methods can be categorized into three main groups: Statistics-based,
knowledge-based, and machine learning-based. A statistics-based IDS built a distribution model
for normal behavior profiles, then detected low probability events and flags them as potential
intrusions. Statistical AIDS essentially took into account the statistical metrics such as the
median, mean, mode, and standard deviation of packets.
According to the reference 10 ransomware is a type of complex and upgraded harmful software
that appears as Crypto or Locker and is designed to assault and take control of basic infrastructures
and computer systems. The great majority of these threats are designed to extract money from
victims. The research methodology section explained the procedures taken to review previous
work in the field of ransomware attacks and detection systems. They have also gone through how
the previous studies were chosen using a set of inclusion and exclusion criteria.

3. Phishing is a type of internet crime that involves collecting confidential information such as
passwords, account numbers, and credit card numbers stated in reference 11. Their study was
primarily focused on improving the system's ability to detect phishing websites. They have broken
down processes and procedures into the phases; Dataset selection, Comprehending the Dataset,
Training and cross-validation, Machine-learning algorithms with GAs for classification, and
classification without the use of GAs utilizing machine-learning techniques.
According to reference 12 contrary to popular belief, the Mac ecosystem is not unaffected by
malware. In 2014, the first known ransomware appeared. Mitigating anti-debugging techniques
were introduced by Apple which have two standard methods to detect and prevent applications
from being attacked by debuggers. Sysctl() retrieves information about a process and determines
its debugging status.