In-Depth Analysis of Ransom Note Files
During recent years, many papers have been published on ransomware, but to the best of our knowledge, no previous academic studies have been conducted on ransom note files. In this paper, we present the results of a depth study on filenames and the content of ransom files. We propose a prototype to...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-11-01
|
| Series: | Computers |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2073-431X/10/11/145 |
| _version_ | 1797510761312944128 |
|---|---|
| author | Yassine Lemmou Jean-Louis Lanet El Mamoun Souidi |
| author_facet | Yassine Lemmou Jean-Louis Lanet El Mamoun Souidi |
| author_sort | Yassine Lemmou |
| collection | DOAJ |
| description | During recent years, many papers have been published on ransomware, but to the best of our knowledge, no previous academic studies have been conducted on ransom note files. In this paper, we present the results of a depth study on filenames and the content of ransom files. We propose a prototype to identify the ransom files. Then we explore how the filenames and the content of these files can minimize the risk of ransomware encryption of some specified ransomware or increase the effectiveness of some ransomware detection tools. To achieve these objectives, two approaches are discussed in this paper. The first uses Latent Semantic Analysis (LSA) to check similarities between the contents of files. The second uses some Machine Learning models to classify the filenames into two classes—ransom filenames and benign filenames. |
| first_indexed | 2024-03-10T05:35:53Z |
| format | Article |
| id | doaj.art-e756da32a7414a7c82e55cda912082ec |
| institution | Directory Open Access Journal |
| issn | 2073-431X |
| language | English |
| last_indexed | 2024-03-10T05:35:53Z |
| publishDate | 2021-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Computers |
| spelling | doaj.art-e756da32a7414a7c82e55cda912082ec2023-11-22T22:56:59ZengMDPI AGComputers2073-431X2021-11-01101114510.3390/computers10110145In-Depth Analysis of Ransom Note FilesYassine Lemmou0Jean-Louis Lanet1El Mamoun Souidi2Faculty of Sciences, Mohammed V University in Rabat, LabMIASI, BP 1014 RP, Rabat 10000, MoroccoINRIA, LHS-PEC, 35042 Rennes, FranceFaculty of Sciences, Mohammed V University in Rabat, LabMIASI, BP 1014 RP, Rabat 10000, MoroccoDuring recent years, many papers have been published on ransomware, but to the best of our knowledge, no previous academic studies have been conducted on ransom note files. In this paper, we present the results of a depth study on filenames and the content of ransom files. We propose a prototype to identify the ransom files. Then we explore how the filenames and the content of these files can minimize the risk of ransomware encryption of some specified ransomware or increase the effectiveness of some ransomware detection tools. To achieve these objectives, two approaches are discussed in this paper. The first uses Latent Semantic Analysis (LSA) to check similarities between the contents of files. The second uses some Machine Learning models to classify the filenames into two classes—ransom filenames and benign filenames.https://www.mdpi.com/2073-431X/10/11/145ransomwareransom note filedetectionidentificationLatent Semantic AnalysisMachine Learning |
| spellingShingle | Yassine Lemmou Jean-Louis Lanet El Mamoun Souidi In-Depth Analysis of Ransom Note Files Computers ransomware ransom note file detection identification Latent Semantic Analysis Machine Learning |
| title | In-Depth Analysis of Ransom Note Files |
| title_full | In-Depth Analysis of Ransom Note Files |
| title_fullStr | In-Depth Analysis of Ransom Note Files |
| title_full_unstemmed | In-Depth Analysis of Ransom Note Files |
| title_short | In-Depth Analysis of Ransom Note Files |
| title_sort | in depth analysis of ransom note files |
| topic | ransomware ransom note file detection identification Latent Semantic Analysis Machine Learning |
| url | https://www.mdpi.com/2073-431X/10/11/145 |
| work_keys_str_mv | AT yassinelemmou indepthanalysisofransomnotefiles AT jeanlouislanet indepthanalysisofransomnotefiles AT elmamounsouidi indepthanalysisofransomnotefiles |