No Random, No Ransom: A Key to Stop Cryptographic Ransomware [chapter]

Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
2018 Lecture Notes in Computer Science  
To be effective, ransomware has to implement strong encryption, and strong encryption in turn requires a good source of random numbers.  ...  With this insight, we propose a strategy to mitigate ransomware attacks that considers pseudo random number generator functions as critical resources, controls accesses on their APIs and stops unauthorized  ...  This work is supported by a pEp Security SA / SnT partnership project "Protocols for Privacy Security Analysis".  ... 
doi:10.1007/978-3-319-93411-2_11 fatcat:zikyllkbtfbqdbsfxrlyvfiotu

Cipher, the Random and the Ransom: A Survey on Current and Future Ransomware [chapter]

Ziya Alper Genç, Gabriele Lenzini, Peter Y.A. Ryan
2017 Advances in Cybersecurity 2017  
This is likely just the beginning of a new era. According to a recent intelligence report by Cybersecurity Ventures, the total cost due to ransomware attacks is predicted to exceed $ billion in .  ...  In this paper, we describe existing techniques to mitigate ransomware and we discuss their limitations.  ...  This work is supported by a partnership between "pEp Security SA" and the Interdisciplinary Centre for Security, Reliability and Trust.  ... 
doi:10.18690/978-961-286-114-8.8 dblp:conf/cecc/GencLR17 fatcat:ubyx6yyg2zdednyfms2javxisa

NoCry: No More Secure Encryption Keys for Cryptographic Ransomware [chapter]

Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
2020 Lecture Notes in Computer Science  
Recently, Genç et al. proposed to stop a specific class of ransomware, the cryptographically strong one, by blocking unauthorized calls to cryptographically secure pseudo-random number generators, which  ...  are required to build strong encryption keys.  ...  Recalling UShallNotPass: No Random, No Ransom UShallNotPass [10] has been proposed as a solution to stop cryptographically strong ransomware attacks.  ... 
doi:10.1007/978-3-030-39749-4_5 fatcat:447l6jibovfzxnzwk4223ifehu

RansomClave: Ransomware Key Management using SGX [article]

Alpesh Bhudia, Daniel O'Keeffe, Daniele Sgandurra, Darren Hurley-Smith
2021 arXiv   pre-print
Modern ransomware often generate and manage cryptographic keys on the victim's machine, giving defenders an opportunity to capture exposed keys and recover encrypted data without paying the ransom.  ...  As a basis for comprehensive security and performance analysis of enclave-enhanced ransomware, we present RansomClave, a family of ransomware that securely manage their cryptographic keys using an enclave  ...  the ransomware attack is discovered and stopped mid-execution.  ... 
arXiv:2107.09470v1 fatcat:muq3z6rfuve4zl6to3sc627rjy

Next Generation Cryptographic Ransomware [chapter]

Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
2018 Lecture Notes in Computer Science  
Can we anticipate how such future generations of ransomware will work in order to start planning on how to stop them?  ...  We argue that among them there will be some which will try to defeat current anti-ransomware; thus, we can speculate over their working principle by studying the weak points in the strategies that seven  ...  Introduction Cryptographic ransomware, a breed of malware (also known as cryptoware) that encrypts files, makes them inaccessible, and asks for a ransom to decrypt them -an action that victims are unable  ... 
doi:10.1007/978-3-030-03638-6_24 fatcat:ik2znfv6kraojdt2a3nycbqwdy

Ransomware and the Legacy Crypto API [chapter]

Aurélien Palisse, Hélène Le Bouder, Jean-Louis Lanet, Colas Le Guernic, Axel Legay
2017 Lecture Notes in Computer Science  
Ransomware are malicious software that encrypt their victim's data and only return the decryption key in exchange of a ransom.  ...  The first one takes advantage of the weak mode of operation used by some ransomware. The second one intercepts calls made to Microsoft's Cryptographic API.  ...  Acknowledgments The authors would like to thank Ronan Lashermes, Alexandre Gonzalvez and the anonymous reviewers for their valuable help and comments.  ... 
doi:10.1007/978-3-319-54876-0_2 fatcat:vzm3t7mhuzedjo46chpgcp3ise

RENTAKA: A Novel Machine Learning Framework for Crypto-Ransomware Pre-encryption Detection

Wira Z. A. Zakaria, Mohd Faizal Abdollah, Othman Mohd, S. M. Warusia Mohamed S. M. M Yassin, Aswami Ariffin
2022 International Journal of Advanced Computer Science and Applications  
The encryption employed had caused irreversible damage to the victim's digital files, even when the victim chose to pay the ransom.  ...  Crypto ransomware is malware that locks its victim's file for ransom using an encryption algorithm.  ...  All ransomware has a different look and various texts in the ransom note. Finally, the crypto-ransomware final stage shows an extortion message demanding a ransom in exchange for the decryption key.  ... 
doi:10.14569/ijacsa.2022.0130545 fatcat:bzaelbeyrfahzgbvkcqgvwjw7u

Data Aware Defense (DaD): Towards a Generic and Practical Ransomware Countermeasure [chapter]

Aurélien Palisse, Antoine Durand, Hélène Le Bouder, Colas Le Guernic, Jean-Louis Lanet
2017 Lecture Notes in Computer Science  
are themselves encrypted with an asymmetric cryptosystem, the ransom must be paid in order to get the corresponding private key.  ...  Each one corresponding to a specific behavior, such as ransom notes and metadata appended to files. These patterns suggest a criterion to distinguish reversible from non-reversible ransomware.  ... 
doi:10.1007/978-3-319-70290-2_12 fatcat:mktrjjtv6zckdfculelqiw2p64

Evaluation of live forensic techniques in ransomware attack mitigation

Simon R. Davies, Richard Macfarlane, William J. Buchanan
2020 Forensic Science International: Digital Investigation  
A description of how these found keys were then used to successfully decrypt files that had been encrypted during the execution of the ransomware is also given.  ...  The resulting generated timelines provided an excellent way to visualise the behaviour of the ransomware and the encryption key management practices it employed, and from a forensic investigation and possible  ...  One characteristic of cryptographic keys is that they are usually chosen at random. Most code and data is not chosen at random and it turns out that this differentiation is significant [44].  ... 
doi:10.1016/j.fsidi.2020.300979 fatcat:snntue4a3rdwpin2wpd3wretgm

A Method for Decrypting Data Infected with Hive Ransomware [article]

Giyoon Kim, Soram Kim, Soojin Kang, Jongsung Kim
2022 arXiv   pre-print
Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption.  ...  We have recovered the master key for generating the file encryption key partially, to enable the decryption of data encrypted by Hive ransomware.  ...  They reduced cryptographic key candidates by using the vulnerability of the Pseudo Random Number Generator (PRNG) that Magniber v2 ransomware uses to generate the cryptographic key, and conducted a study  ... 
arXiv:2202.08477v1 fatcat:ylojonlfrfa3ldx37zhcv7ivfq

Ransomware in Windows and Android Platforms [article]

Abdulrahman Alzahrani, Ali Alshehri, Hani Alshahrani, Huirong Fu
2020 arXiv   pre-print
Recent indiscriminate ransomware victimizations have imposed critical needs of effective detection techniques to prevent damages.  ...  Moreover, it highlights the strengths and shortcomings of those techniques and provides a comparison between them. Furthermore, it gives recommendations to users and system administrators.  ...  In this technique, the ransomware generates a random symmetric key (commonly referred to as a session key) for each targeted object (message, file, folder, etc.), and encrypts it by using its key.  ... 
arXiv:2005.05571v1 fatcat:7e3bx2ufsrhbhn3var5phejicy

Using Software-Defined networking for Ransomware Mitigation: A case of Cryptowall

Shirsat Harshad Jayavant
2018 International Journal for Research in Applied Science and Engineering Technology  
The making of crypto-ransomware affected the world. A crypto-ransomware locks documents by encrypting them and requests for payment in turn for decryption key.  ...  Discovery of ransomware relies upon how rapidly and deliberately the framework logs can be dug to scan for pernicious exercises and stop assault.  ...  We sincerely wish to thank our project guide Prof. Renuka Deshpande for her ever encouraging and inspiring guidance helped us to make our project a success.  ... 
doi:10.22214/ijraset.2018.4631 fatcat:urudtzwzuffwdgregdkikp6mxy

A Secure and Smart Framework for Preventing Ransomware Attack [article]

Jaspreet Kaur (PhD Scholar at CSE Department, Indian Institute of Technology Jodhpur, Jodhpur, India)
2020 arXiv   pre-print
Ransomware attack threaten the users by encrypting their most valuable data, lock the user screen, play some random videos and by various more means.  ...  In this paper, we propose a framework which prevent the ransomware attack more appropriately using various techniques as blockchain, honeypot, cloud & edge computing.  ...  ransom then it is a ransomware attack.  ... 
arXiv:2001.07179v1 fatcat:jeogxhm53re3dgpiy2rrtdlrkq

Extorsionware: Exploiting Smart Contract Vulnerabilities for Fun and Profit [article]

Alessandro Brighente, Mauro Conti, Sathish Kumar
2022 arXiv   pre-print
Thanks to the control gained over the SC, the attacker obliges the victim to pay a price to re-gain exclusive control of the SC.  ...  In this paper, we present extorsionware, a novel attack exploiting the public nature of vulnerable SCs to gain control over the victim's SC assets.  ...  Thanks to this, the attacker might be able to cause a continuous damage that allows for the request of a ransom to stop the exploitation. This concept is similar to a ransomware.  ... 
arXiv:2203.09843v2 fatcat:bxraky3zvff5fcb5lutlh3en34

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions [article]

Harun Oz, Ahmet Aris, Albert Levi, A. Selcuk Uluagac
2021 arXiv   pre-print
Specifically, covering 137 studies over the period of 1990-2020, we give a detailed overview of ransomware evolution, comprehensively analyze the key building blocks of ransomware, present a taxonomy of  ...  However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms.  ...  Encrypting Encryption is a malicious action implemented by cryptographic ransomware families that aim to prevent access to victim files unless a ransom is paid.  ... 
arXiv:2102.06249v1 fatcat:3n62zwlo2be47m3sinht5ts6bu