Key indicators in ransomware detection


Abstract:

The growing number of devices sharing personal information and the privacy provided by cryptocurrencies have motivated the development of new attack vectors. Ransomware is one of the most relevant threats because it demands a bitcoin payment from users in order to recover their personal data. The main disadvantage of ransomware is the difficulty of recovering the information once the attack has been executed. For this reason, the development of new proactive detection solutions and reactive strategies is fundamental. The present work focuses on the analysis of CryptoLocker and WannaCry as the most relevant ransomware attacks. In this context, the configuration and implementation of a controlled environment through a sandbox is outlined. Similarly, the main parameters used in detection and prediction strategies for analysis are described. Finally, a proof-of-concept of an automatic learning model based on the filtered information is presented.

Year of publication:

2019

Keywords:

  • CryptoLocker
  • ransomware
  • Cuckoo Sandbox
  • WannaCry
  • Malware analysis

Source:

Scopus

Document type:

Article

Status:

Restricted access

Knowledge areas:

  • Computer science

Subject areas:

  • Computer programming, programs, data, security