Timothy R. McIntosh, Teo Sušnjak, Tong Liu, Dan Xu, Paul Watters, Dongwei Liu, Y. Hao, Alex Ng, Malka N. Halgamuge,
Ransomware has grown to be a dominant cybersecurity threat, by exfiltrating, encrypting or destroying valuable user data, ... numerous disruptions to victims. The severity of the ransomware endemic has generated research interest from both the ... industry. However, many studies held stereotypical assumptions about ransomware, used unverified, outdated and limited self-collected ransomware samples, and did not consider government strategies, industry guidelines or cyber intelligence. We observed that ransomware no longer exists simply as an executable file ...
Tópico(s): Information and Cyber Security
2024 - Association for Computing Machinery | ACM Computing Surveys
Kenan Begovic, Abdulaziz Al‐Ali, Qutaibah Malluhi,
The ransomware threat has loomed over our digital life since 1989. Criminals use this type of cyber attack to ... to pay exorbitant amounts in ransom. The damage ransomware causes ranges from monetary losses paid for ransom at best to endangering human lives. Cryptographic ransomware, where attackers encrypt the victim's data, stands as the predominant ransomware variant. The primary characteristics of these attacks have remained the same since the first ransomware attack. For this reason, we consider this a ...
Tópico(s): Information and Cyber Security
2023 - Elsevier BV | Computers & Security
... Chap. 2 . Besides other threat event attack types, ransomware is probably the No. 1 challenge of threat ... that industrial, public, and private organizations are facing. Ransomware is a type of malware that typically locks ... and access returned to the targeted user, but ransomware comes in many forms. In this regard, ransomware is a type of malware used by cybercriminals ... information to complete the transaction. In this context, ransomware is a two-step-extortion: Step 1 is ... negotiate the ransom. However, over the past years, ransomware has emerged to Ransomware-as-a-Service (RaaS), ...
Tópico(s): Cybercrime and Law Enforcement Studies
2023 - Springer Nature | Advances in information security
Iman Almomani, Aala Alkhayer, Walid El‐Shafai,
Nowadays, ransomware is considered one of the most critical cyber-malware categories. In recent years various malware detection and ... This paper introduces an efficient End-to-End Ransomware Detection System (E2E-RDS) that comprehensively utilizes existing Ransomware Detection (RD) approaches. E2E-RDS considers reverse engineering the ransomware code to parse its features and extract the ... based RD. Moreover, E2E-RDS can keep the ransomware in its executable format, convert it to an ... the binary executable files of the benign and ransomware apps are converted into a 2D visual (color ...
Tópico(s): Network Security and Intrusion Detection
2023 - Multidisciplinary Digital Publishing Institute | Sensors
Timothy R. McIntosh, A. S. M. Kayes, Yi‐Ping Phoebe Chen, Alex Ng, Paul Watters,
... with Internet connectivity, have facilitated the proliferation of ransomware attacks. Ransomware has evolved from executable programs encrypting user files, ... fileless command scripts, information exfiltration and human-operated ransomware. Many anti-ransomware studies have been published, but many of them assumed newer ransomware variants only performed file encryption, were similar to ... novel attack vectors. We have defined an updated ransomware threat model to include those novel attack vectors, ...
Tópico(s): Network Security and Intrusion Detection
2023 - Elsevier BV | Computers & Security
Salwa Razaulla, Claude Fachkha, Christine Markarian, Amjad Gawanmeh, Wathiq Mansoor, Benjamin C. M. Fung, Chadi Assi,
The proliferation of ransomware has become a significant threat to cybersecurity in recent years, causing significant financial, reputational, and operational damage to individuals ... provide a comprehensive overview of the evolution of ransomware, its taxonomy, and its state-of-the-art ... contributions. We begin by tracing the origins of ransomware and its evolution over time, highlighting the key ... major trends. Next, we propose a taxonomy of ransomware that categorizes different types of ransomware based on ...
Tópico(s): Cybercrime and Law Enforcement Studies
2023 - Institute of Electrical and Electronics Engineers | IEEE Access
Muna Al-Hawawreh, Mamoun Alazab, Mohamed Amine Ferrag, M. Shamim Hossain,
... and systems, and distributed networks, sophisticated attacks like ransomware will likely target these systems in the near future. Researchers have focused on studying and addressing ransomware attacks against various platforms in recent years. However, ... no existing study investigates the new trends of ransomware tactics and techniques and provides a comprehensive analysis of ransomware attacks and their detection techniques for IIoT systems. ... in IIoT systems in various aspects, including recent ransomware tactics, types, infected operating systems, and platforms. Specifically, ...
Tópico(s): Smart Grid Security and Resilience
2023 - Elsevier BV | Journal of Network and Computer Applications
Gaddisa Olani Ganfure, Chun-Feng Wu, Yuan-Hao Chang, Wei‐Kuan Shih,
... in social engineering tricks and other technical shortcomings, ransomware attacks have become a severe cybercrime affecting organizations ... Although the security teams are making plenty of ransomware detection tools, the ransomware incident report shows they are ineffective in detecting emerging ransomware attacks. This work presents "RTrap," a systematic framework to detect and contain ransomware efficiently and effectively via machine learning-generated deceptive ... decoy files across the directory to lure the ransomware to access it. RTrap also introduced a lightweight ...
Tópico(s): Spam and Phishing Detection
2023 - Institute of Electrical and Electronics Engineers | IEEE Transactions on Information Forensics and Security
Amjad Alraizza, Abdulmohsen Algarni,
Ransomware attacks pose significant security threats to personal and corporate data and information. The owners of computer- ... monetary losses, and reputational damage due to successful ransomware assaults. As a result, it is critical to accurately and swiftly identify ransomware. Numerous methods have been proposed for identifying ransomware, each with its own advantages and disadvantages. The ... trends in and potential future debates on automated ransomware detection. This document includes an overview of ransomware, ...
Tópico(s): Network Security and Intrusion Detection
2023 - Multidisciplinary Digital Publishing Institute | Big Data and Cognitive Computing
ElMouatez Billah Karbab, Mourad Debbabi, Abdelouahid Derhab,
Ransomware has been largely exploited by cybercriminals to target individuals and organizations. In response to the increasing number and magnitude of ransomware attacks, it is important to consider the following problems when designing a ransomware fingerprinting solution: (i) how to make the solution ... SwiftR, a novel portable framework for cross-platform ransomware detection and fingerprinting. SwiftR provides an accurate ransomware detection capability that relies on raw hybrid features ... of 98%, 96%, and 94% is achieved for ransomware detection, segregation between ransomware and other malware, and ...
Tópico(s): Digital and Cyber Forensics
2023 - Elsevier BV | Expert Systems with Applications
Mingcan Cen, Frank Jiang, Xingsheng Qin, Qinghong Jiang, Robin Doss,
In recent years, ransomware attacks have exploded globally, and it has become one of the most significant cyber threats to digital infrastructure. Such ... companies, energy facilities, medical centers and government departments. Ransomware attackers use sophisticated encryption techniques to hijack victims' ... of such an attack. To protect systems from ransomware threats, malicious activities had better be detected earlier, ... the harmful behavior. Numerous studies have focused on ransomware threats and attempted to provide detection and prevention ...
Tópico(s): Spam and Phishing Detection
2023 - Elsevier BV | Computer Networks
P. Mohan Anand, P. V. Sai Charan, Sandeep K. Shukla,
Ransomware has been one of the most prevalent forms of malware over the previous decade, and it ... one of the most significant threats today. Recently, ransomware strategies such as double extortion and rapid encryption have encouraged attacker communities to consider ransomware as a business model. With the advent of Ransomware as a Service (RaaS) models, ransomware spread and operations continue to increase. Even though machine learning and signature-based detection methods for ransomware have been proposed, they often fail to achieve ...
Tópico(s): Digital and Cyber Forensics
2023 - Association for Computing Machinery | Digital Threats Research and Practice
Produção Nacional
Revisado por pares
Caio Moreira, Davi Carvalho Moreira, Claudomiro de S. de Sales,
... malware are harmful to computer systems; however, crypto-ransomware specifically leads to irreparable data loss and causes substantial economic prejudice. Ransomware attacks increased significantly during the COVID-19 pandemic, ... these attacks, we apply static analysis to detect ransomware by converting Portable Executable (PE) header files into ... and is more resilient against evasion techniques and ransomware evolution. The proposed method was evaluated using two datasets. The first contains 1000 ransomware and 1000 benign applications, on which the model ...
Tópico(s): Software Testing and Debugging Techniques
2023 - Elsevier BV | Computers & Security
Arunabha Mukhopadhyay, Swati Jain,
... a standard cyber kill chain process and install ransomware payloads using phishing emails on firms belonging to ... uses a mixed-method explanatory approach to mitigate ransomware attacks. We present the quantitative Ransomware Risk Management Model (R2M2) based on protection motivation theory (PMT). The Ransomware Risk Assessment module based on the threat appraisal ... assess the risk using predictive analytics techniques. The Ransomware Risk Quantification module uses collective risk modeling to compute the severity of a ransomware attack on an organization. The Ransomware Risk Mitigation ...
Tópico(s): Advanced Malware Detection Techniques
2023 - Elsevier BV | International Journal of Information Management
Wira Z. A. Zakaria, Mohd Faizal Abdollah, Othman Mohd, Shabeer Mohamed Yassin, Aswami Ariffin,
Crypto ransomware is malware that locks its victim’s file for ransom using an encryption algorithm. Its popularity has ... the ransom. As a result, cybercriminals have found ransomware a lucrative and profitable cyber-extortion approach. The ... memory, cryptography, and digital currency advancement have caused ransomware attacks. It spreads through phishing emails, encrypting sensitive ... harm to the designated client. Most research in ransomware detection focuses on detecting during the encryption and ... attack phase. However, the damage done by crypto-ransomware is almost impossible to reverse, and there is ...
Tópico(s): Information and Cyber Security
2022 - Science and Information Organization | International Journal of Advanced Computer Science and Applications
Muhammad Shabbir Abbasi, Harith Al-Sahaf, Masood Mansoori, Ian Welch,
Ransomware is malware that encrypts the victim’s data and demands a ransom for a decryption key. The increasing number of ransomware families and their variants renders the existing signature-based anti-ransomware techniques useless; thus, behavior-based detection techniques have gained popularity. A difficulty in behavior-based ransomware detection is that hundreds of thousands of system ... output, making the manual investigation and selection of ransomware-specific features infeasible. Moreover, manual investigation of the ...
Tópico(s): Information and Cyber Security
2022 - Elsevier BV | Applied Soft Computing
Umme Zahoora, Asifullah Khan, Muttukrishnan Rajarajan, Saddam Hussain Khan, Muhammad Asam, Tauseef Jamal,
Abstract Ransomware attacks pose a serious threat to Internet resources due to their far-reaching effects. It’s Zero- ... about them. In this regard, when used for ransomware attack detection, conventional machine learning approaches may become ... cost, and thus may not tackle zero-day ransomware attacks. Zero-day ransomware have normally unseen underlying data distribution. This paper ... Pareto Ensemble strategy, CSPE-R to detect novel Ransomware attacks. Initially, the proposed framework exploits the unsupervised ...
Tópico(s): Spam and Phishing Detection
2022 - Nature Portfolio | Scientific Reports
Harun Oz, Ahmet Arış, Albert Lévi, A. Selcuk Uluagac,
In recent years, ransomware has been one of the most notorious malware targeting end-users, governments, and business organizations. It has become a ... dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, ...
Tópico(s): Software Testing and Debugging Techniques
2022 - Association for Computing Machinery | ACM Computing Surveys
Hannah T. Neprash, Claire McGlave, Dori A. Cross, Beth A Virnig, Michael A. Puskarich, Jared D. Huling, Alan Z. Rozenshtein, Sayeh Nikpay,
... care delivery organizations face a growing threat from ransomware attacks that are designed to disrupt care delivery ... outcomes.To quantify the frequency and characteristics of ransomware attacks on health care delivery organizations.This cohort study used data from the Tracking Healthcare Ransomware Events and Traits database to examine the number and characteristics of ransomware attacks on health care delivery organizations from 2016 ... quantified changes over time in the characteristics of ransomware attacks that affected health care delivery organizations.Date ...
Tópico(s): Advanced Malware Detection Techniques
2022 - American Medical Association | JAMA Health Forum
Bahaa Yamany, Mahmoud Said Elsayed, Anca Delia Jurcut, Nashwa Abdelbaki, Marianne A. Azer,
Ransomware is a strain of malware that disables access to the user’s resources after infiltrating a victim’s system. Ransomware is one of the most dangerous malware organizations ... is how to decrypt the files encrypted by ransomware. Ransomware’s binary analysis can provide a means to characterize the relationships between different features used by ransomware families to track the ransomware encryption mechanism routine. In this paper, we compare the different ransomware detection approaches and techniques. We investigate the criteria, ...
Tópico(s): Spam and Phishing Detection
2022 - Multidisciplinary Digital Publishing Institute | Electronics
Eliando Eliando, Yunianto Purnomo,
... was carried out due to the prevalence of ransomware attacks, especially in Indonesia against data located at Endpoints, in early 2022 ransomware was enough to horrify the news in cyberspace and one of the ransomware that is quite worrying in Indonesia is LockBit 2.0 ransomware, so research is needed against the ransomware. The method used to research the ransomware is static analysis and dynamic analysis which will ... infection and persistence of the LockBit 2.0 ransomware, the static analysis method is used by reverse ...
Tópico(s): Blockchain Technology in Education and Learning
2022 - Mount Klabat College | CogITo Smart Journal
Eduardo Berrueta, D. Morató, Eduardo Magaña, Mikel Izal,
Ransomware is considered as a significant threat for home users and enterprises. In corporate scenarios, users' computers ... from shared servers. In these scenarios, one crypto-ransomware infected host is capable of locking the access ... propose a tool to detect and block crypto-ransomware activity based on file-sharing traffic analysis. The ... searches for patterns in the traffic that betray ransomware actions while reading and overwriting files. This is ... modifying files. The features allow the differentiation between ransomware activity and high activity from benign applications. We ...
Tópico(s): Spam and Phishing Detection
2022 - Elsevier BV | Expert Systems with Applications
Usman Tariq, Imdad Ullah, Mohammed Yousuf Uddin, Se Jin Kwon,
... major challenges IoMT has to face is widespread ransomware attacks; a malicious malware that encrypts the patients' ... the overall system functionality, mainly for ransom. These ransomware attacks would have several devastating consequences, such as ... several vital resources etc. This paper presents a ransomware analysis and identification architecture with the objective to detect and validate the ransomware attacks and to evaluate its accuracy using a ... time IoMT network, for experimenting various types of ransomware attacks. Following, we construct a comprehensive set of ...
Tópico(s): Information and Cyber Security
2022 - Multidisciplinary Digital Publishing Institute | Sensors
Iman Almomani, Aala Alkhayer, Walid El‐Shafai,
... whether it is benign or malicious (e.g., ransomware) and for defensive or offensive purposes. This paper introduces a hybrid crypto-steganography approach for ransomware hiding within high-resolution video frames. This proposed ... steganography process. Initially, AES encrypts the secret Android ransomware data, and then LSB embeds it based on ... proposed hybrid approach. We used different sizes of ransomware samples and different resolutions of HEVC (high-efficiency ... of (a) achieving the integrity of the secret ransomware data, (b) ensuring higher imperceptibility of stego video ...
Tópico(s): Digital Media Forensic Detection
2022 - Multidisciplinary Digital Publishing Institute | Sensors
Gaddisa Olani, Chun-Feng Wu, Yuan-Hao Chang, Wei‐Kuan Shih,
... year passed, rarely a month passes without a ransomware incident being published in a newspaper or social ... addition to the rise in the frequency of ransomware attacks, emerging attacks are very effective as they ... issue, this paper presents "DeepWare," which is a ransomware detection model inspired by deep learning and hardware ... hardware performance counters with deep learning to detect ransomware ," so as to identify ransomware efficiently and effectively. To be more specific, DeepWare ... behavioral features, which allows it to distinguish the ransomware activity from the benign one effectively. The experiment ...
Tópico(s): Anomaly Detection Techniques and Applications
2022 - Institute of Electrical and Electronics Engineers | IEEE Transactions on Computers
Giyoon Kim, Soram Kim, Soo‐Jin Kang, Jongsung Kim,
Among the many types of malicious codes, ransomware poses a major threat.Ransomware encrypts data and demands a ransom in exchange for decryption.As data recovery is impossible if the encryption ... important data.In this paper, we analyzed Hive ransomware, which appeared in June 2021.Hive ransomware has caused immense harm, leading the FBI to ... it.To minimize the damage caused by Hive Ransomware and to help victims recover their files, we analyzed Hive Ransomware and studied recovery methods.By analyzing the encryption ...
Tópico(s): Digital and Cyber Forensics
2022 - Elsevier BV | Journal of Information Security and Applications
Jian Du, Sajid Hussain Raza, Mudassar Ahmad, Iqbal Alam, Saadat Hanif Dar, Muhammad Asif Habib,
Ransomware is a malicious software that takes files hostage and demands ransomware to release them. It targets individuals, corporations, organizations, ... in the year 2019. The latest version of ransomware was developed using undetectable and nonanalysis techniques. This ... and density-based machine learning algorithm to detect ransomware pre-attacks on an endpoint system. The data ... machine learning algorithms to develop the more effective ransomware defensive solutions to detect and prevent ransomware pre- ...
Tópico(s): Network Security and Intrusion Detection
2022 - Hindawi Publishing Corporation | Security and Communication Networks
Yagiz Yilmaz, Orçun Çetin, Claudia Grigore, Budi Arief, Julio Hernández-Castro,
Ransomware remains one of the most prevalent cyberthreats to individuals and businesses alike. Psychological techniques are often employed by attackers when infecting victims’ devices with ransomware in an attempt to increase the likelihood of ... in effort to find new ways to prevent ransomware infections and victimisation from happening. Since employees and ... useful in preventing or mitigating the impact of ransomware attacks. Additionally, understanding victims’ psychological traits can help ... we investigated the relationship between personality types and ransomware victimisation to understand whether people with certain personality ...
Tópico(s): Information and Cyber Security
2022 - Association for Computing Machinery | Digital Threats Research and Practice
Fatimah Aldauiji, Omar Batarfi, Manal Bayousef,
Ransomware is one of the most harmful types of cyber attacks that cause major concerns on a ... data or locking systems to extort ransom payments. Ransomware has variant families that continue to evolve. Moreover. cybercriminals use advanced techniques to develop ransomware, making it harder for anti-malware detection systems to detect them. Ransomware solutions need the capabilities of timely and effective ... approach and different CTH models. Subsequently, we discussed ransomware research directions to detect known and unknown ransomware ...
Tópico(s): Network Security and Intrusion Detection
2022 - Institute of Electrical and Electronics Engineers | IEEE Access
Terrence August, Duy Dao, Marius Florin Niculescu,
Recently, the development of ransomware strains and changes in the marketplace for malware have greatly reduced the entry barrier for attackers to conduct large-scale ransomware attacks. In this paper, we examine how this ... ransom payment (which reflect the trustworthiness of the ransomware operator). We show that for intermediate levels of ... in a benchmark case involving traditional malware (non-ransomware) where the vendor decreases price as security risk increases. Social welfare is higher under ransomware compared with the benchmark in both sufficiently low- ...
Tópico(s): Information and Cyber Security
2022 - Institute for Operations Research and the Management Sciences | Management Science