Cipher, the Random and the Ransom: A Survey on Current and Future Ransomware

Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely just the beginning of a new era. According to a recent intelligence report by Cybersecurity Ventures, the total cost due to ransomware attacks is predicted to exceed $5 billion in 2017. How can this disruptive threat be contained? Current anti-ransomware solutions are effective only…


Ransomware Detection, Avoidance, and Mitigation Scheme: A Review and Future Directions

Detection Avoidance Mitigation (DAM), a theoretical framework to review and classify techniques, tools, and strategies to detect, avoid and mitigate Ransomware.

Ransomware Anti-Analysis and Evasion Techniques: A Survey and Research Directions

The anatomy of the malware’s invariant intrusions and infection vectors is illustrated, and the various anti-analysis and evasive techniques that are deployable by ransomware are analyzed.

The Rise of Ransomware

Ransomware continues to be one of the most crucial cyber threats, actively threatening IT users around the world; some related works in fighting this threat are discussed.

A Survey on Preventing Crypto Ransomware Using Machine Learning

  • Jitti Annie Abraham, Susan M George
  • Computer Science
    2019 2nd International Conference on Intelligent Computing, Instrumentation and Control Technologies (ICICICT)
  • 2019
Behavioral attributes are identified that can be used for the best classification accuracy and for determining the type of ransomware using machine learning algorithms, and a prevention mechanism for cryptographic ransomware variants is also completed.

Preventing Crypto Ransomware Using Machine Learning

This work identifies the behavioral attributes that can be used for the best classification accuracy and for determining the type of ransomware using machine learning classification algorithms, and completes a prevention mechanism for cryptographic ransomware variants.

Security Professionals Must Reinforce Detect Attacks to Avoid Unauthorized Data Exposure

The implication for practice can provide organizations with approaches on how to mitigate cyber exploits and safeguard the confidentiality, integrity, and availability of information by bridging the gap between incident detection and response.

Effective Strategies Small Business Leaders Use to Address Ransomware

Effective Strategies Small Business Leaders Use to Address Ransomware by William Jason Tuttle MS, Keller Graduate School, 2015 BS, DeVry, 2011 Doctoral Study Submitted in Partial Fulfillment of the



PayBreak: Defense Against Cryptographic Ransomware

The approach, prototype implementation, and evaluation of a novel, automated, and most importantly proactive defense mechanism against ransomware, called PayBreak, which effectively combats ransomware, and keeps victims' files safe.

ShieldFS: a self-healing, ransomware-aware filesystem

ShieldFS, an add-on driver that makes the Windows native filesystem immune to ransomware attacks, is proposed and evaluated in real-world working conditions on real, personal machines, against samples from state of the art ransomware families.

UNVEIL: A large-scale, automated approach to detecting ransomware (keynote)

The evaluation shows that UNVEIL significantly improves the state of the art, and is able to identify previously unknown evasive ransomware that was not detected by the antimalware industry.

CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data

CryptoDrop is presented, an early-warning detection system that alerts a user during suspicious file activity that significantly mitigates the amount of victim data loss and can be parameterized for rapid detection with low false positives.

Awareness Education as the Key to Ransomware Prevention

Understanding of pertinent issues in information security vis-a-vis technical, theoretical, managerial, and regulatory aspects of information systems is becoming increasingly important to the IT community.

White-Box Cryptography and an AES Implementation

Encrypted-composed-function methods intended to provide a practical degree of protection against white-box (total access) attacks in untrusted execution environments are discussed.

White-Box Cryptography Revisited: Space-Hard Ciphers

This paper revisits white-box cryptography and proposes a family of white-box secure block ciphers, SPACE, with several novel features, including a high level of space hardness, which can mitigate the damage of having malware in security-critical systems such as networks processing top-secret data.

A generic attack against white box implementation of block ciphers

  • Yin Jia, Tingting Lin, Xuejia Lai
  • Computer Science, Mathematics
    2016 International Conference on Computer, Information and Telecommunication Systems (CITS)
  • 2016
This work proposes a generic attack against a typical white-box implementation of iterated block ciphers with Chow's techniques, which can be applied to block ciphers of different structures, and recovers the subkey efficiently.

Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN

The superiority of MalGAN over traditional gradient-based adversarial example generation algorithms is that MalGAN is able to decrease the detection rate to nearly zero and make the retraining-based defensive method against adversarial examples hard to work.

Rootkits: Subverting the Windows Kernel

Two of the world's leading experts have written the first comprehensive guide to rootkits: what they are, how they work, how to build them, and how to detect them.