A behavioural in‐depth analysis of ransomware infection

Bibliographic Details
Main Authors: Yassine Lemmou, Jean‐Louis Lanet, El Mamoun Souidi
Format: Article
Language: English
Published: Hindawi-IET 2021-01-01
Series: IET Information Security
Online Access: https://doi.org/10.1049/ise2.12004
Description
Summary: Ransomware is a type of malware that has spread rapidly over the last 4 years, causing significant damage, especially in Windows environments. It is designed to encrypt or block a victim's data, including documents, backups, and databases, unless a ransom is paid. In this study, the authors present the results of their research on Windows crypto‐ransomware during the last 3 years by exploring and discussing the relevant ransomware behaviours. The results of this study can be used to identify or detect ransomware. These behaviours were extracted from in‐depth manual analysis of more than 20 ransomware families, including known and recent families. In addition, some of the extracted behaviours were searched for automatically in more than 200 different ransomware collected during 2019.
ISSN: 1751-8709, 1751-8717