Evil Offspring - Ransomware and Crypto Technology

@article{Orman2016EvilO,
  title={Evil Offspring - Ransomware and Crypto Technology},
  author={Hilarie K. Orman},
  journal={IEEE Internet Comput.},
  year={2016},
  volume={20},
  pages={89-94}
}
  • H. Orman
  • Published 1 September 2016
  • Computer Science
  • IEEE Internet Comput.
Crypto ransomware is increasingly clever. For anyone contending with it, it helps to know the options available to the malware writers and how they might be tripped up or deflected. 

Figures from this paper

Ransomware: Hostage Situation
TLDR
This annotated bibliography explores literature on the issues of malware and how to recover from and prevent disastrous attacks.
Towards Data Resilience: The Analytical Case of Crypto Ransomware Data Recovery Techniques
TLDR
The analyses have led to the conclusion that no matter how devastating a crypto ransomware attack might appear, the key to data recovery options lies in the underlying attack structure and the implemented data deletion methodology.
RansomClave: Ransomware Key Management using SGX
TLDR
It is found that some existing mitigations are likely to be effective during the key generation and encryption phases, but that RansomClave enables new trustless key release schemes that could potentially improve attacker’s profitability and, by extension, make enclaves an attractive target for future attackers.
Static and Dynamic Analysis of Third Generation Cerber Ransomware
  • Ilker Kara, M. Aydos
  • Computer Science
    2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT)
  • 2018
TLDR
A real life Ransomware attack on an official institute is investigated and fully analyzed and the results show that the source of the R ransomware attack has been shown to be traceable from the server's whois information.
SSD-Insider: Internal Defense of Solid-State Drive against Ransomware with Perfect Data Recovery
TLDR
A new approach to defending against ransomware inside NAND flash-based SSDs by proposing a new set of lightweight behavioral features on ran-somware's overwriting pattern, which are invariant across various ransomwares.
A Comprehensive Survey on Ransomware Attack: A Growing Havoc Cyberthreat
TLDR
The history, the modus operandi as well as the architecture of ransomware attack are explained, which appears to be one of the most unpleasant per-ware categories of the time.
An Intelligent Behavior-Based Ransomware Detection System For Android Platform
TLDR
RanDetector is introduced, a new automated and lightweight system for detecting ransomware applications in Android platform based on their behavior and investigates the appearance of some information that is related to ransomware operations in an inspected application before integrating some supervised machine learning models to classify the application.
A Comprehensive Study on Ransomware Attacks in Online Pharmacy Community
TLDR
This paper creates an awareness of the potential threat and defend against these types of phishing attacks and access patient summary records and threaten pharmacy owners to pay a substantial sum to prevent leaking confidential information.
RanDroid: Structural Similarity Approach for Detecting Ransomware Applications in Android Platform
TLDR
RanDroid is introduced, a new automated lightweight approach for detecting ransomware variants in Android platform by measuring the structural similarity between a set of collected information from an inspected application and aSet of predefined threatening information collected from known ransomware variants.
An Overview on Spora Ransomware
TLDR
The malware static and behavioral analysis is explained to characterize the Spora infection process and self-reproduction and overinfection of Spora are discussed.
...
...

References

SHOWING 1-10 OF 18 REFERENCES
Cryptovirology: extortion-based security threats and countermeasures
  • Adam L. Young, M. Yung
  • Computer Science, Mathematics
    Proceedings 1996 IEEE Symposium on Security and Privacy
  • 1996
TLDR
The idea of Cryptovirology is presented, which employs a twist on cryptography, showing that it can be used offensively to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents.
Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet
TLDR
This paper explores the viability and implications of an alternative method for addressing law enforcement's need to access communications: legalized hacking of target devices through existing vulnerabilities in end-­user software and platforms.
On Security in Publish/Subscribe Services: A Survey
TLDR
An introduction to the principles of securing event notification, and an analysis of the relevant state-of-the-art by both surveying the academic literature over the period 1998-2014 on secure publish/subscribe services and overviewing the current standards for the marketed products.
The use of a collegiate cyber defense competition in information security education
TLDR
The objective was to provide an environment where the teams could exercise their information technology abilities and do so in an operational mode where most information was not freely provided, but must be uncovered and discovered by the students in real time.
The Effect of College Activities and Grades on Job Placement Potential
The authors present results of a study examining the impact of grades and student activities involvement on recruiter preferences in business, education, and engineering.
Student involvement: A developmental theory for higher education.
Even a casual reading of the extensive literature on student development in higher education can create confusion and perplexity. One finds not only that the problems being studied are highly diverse
A Gendered Perspective on Student Involvement in Collegiate Clubs and Organizations in Christian Higher Education
The theory of student involvement (Astin, 1984) acknowledges that as students devote time and energy to educationally purposeful activities, they can expect to make cognitive and affective gains
IT-Adventures: A Program to Spark IT Interest in High School Students Using Inquiry-Based Learning With Cyber Defense, Game Design, and Robotics
TLDR
Details about the IT-Adventures program as well as the capstone event for students-the IT-Olympics are provided, including differences between students who compete in different content areas, and descriptive measures about the participants are provided.
Olympiad Studies: Competitions Provide Alternatives to Developing Talents That Serve National Interests
Competitions are used by many teachers at the grassroots level to develop the talents of their gifted students. Each year the top Mathematics, Chemistry, and Physics Olympiad students are identified
...
...