CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Ransomware Prevention and Mitigation Techniques

by Hesham Alshaikh, Nagy Ramadan, Hesham Ahmed Hefny
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 177 - Number 40
Year of Publication: 2020
Authors: Hesham Alshaikh, Nagy Ramadan, Hesham Ahmed Hefny
10.5120/ijca2020919899

Hesham Alshaikh, Nagy Ramadan, Hesham Ahmed Hefny . Ransomware Prevention and Mitigation Techniques. International Journal of Computer Applications. 177, 40 ( Feb 2020), 31-39. DOI=10.5120/ijca2020919899

@article{ 10.5120/ijca2020919899,
author = { Hesham Alshaikh, Nagy Ramadan, Hesham Ahmed Hefny },
title = { Ransomware Prevention and Mitigation Techniques },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2020 },
volume = { 177 },
number = { 40 },
month = { Feb },
year = { 2020 },
issn = { 0975-8887 },
pages = { 31-39 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume177/number40/31171-2020919899/ },
doi = { 10.5120/ijca2020919899 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:48:17.022133+05:30
%A Hesham Alshaikh
%A Nagy Ramadan
%A Hesham Ahmed Hefny
%T Ransomware Prevention and Mitigation Techniques
%J International Journal of Computer Applications
%@ 0975-8887
%V 177
%N 40
%P 31-39
%D 2020
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Ransomware is a malware family that using security techniques such as cryptography to hijacking user files and associated resources and requests cryptocurrency in exchange for the locked data. There is no limit to who can be targeted by ransomware since it can be transmitted over the internet. Like traditional malware, ransomware may enter the system utilizing “social engineering, malware advertising, spam emails, take advantage of vulnerabilities, drive-by downloads or through open ports or by utilizing back doors”. But in contrast to traditional malware, even after removal, ransomware influence is irreparable and tough to alleviate its impact without its creator assistance. This kind of attack has a straightforward financial implication, which is fueled by encryption technology, cyber currency. Therefore, ransomware has turned into a profitable business that has obtained rising popularity between attackers. As stated by “Cybersecurity Ventures”, ransomware is the quickest increasing type of cybercrime. Since, global ransomware wastage expense is predicted to hit $20 billion in 2021, up from just $325 million in 2015 which, is 57X extra in 2021. In this paper, a brief of the recent research in the prevention of ransomware attacks and the best practices to mitigate the attack impact is presented.

References
  1. Popli N, Girdhar A. Behavioural Analysis of Recent Ransomware and Prediction of Future Attacks by Polymorphic and Metamorphic Ransomware. In Verma, Nishchal K, Ghosh, A. K. (eds) Computational Intelligence: Theories, Applications, and Future Directions - Volume II ICCI-2017. Springer, Singapore. 2018;799(4):65–80.
  2. Caporusso N, Chea S, Abukhaled R. A game-theoretical model of ransomware. In: Proceedings - International Conference on Applied Human Factors and Ergonomics 2018 Jul 21 (pp. 69-78). Springer, Cham.
  3. Morgan, Steve. “Cybersecurity Almanac: 100 Facts, Figures, Predictions and Statistics.” Cybercrime Magazine Cisco and Cybersecurity Ventures. 2019, https://www.cybersecurityventures.com/cybersecurity‐almanac‐2019.
  4. Maccari M, Polzonetti A, Sagratella M. Detection: Definition of New Model to Reveal Advanced Persistent Threat. InProceedings of the Future Technologies Conference 2018 Nov 15 (pp. 305-323). Springer, Cham.
  5. Al-rimy B, Maarof M, Shaid S. Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions. Computers and Security. 2018; 74:144-166.
  6. Rajput T. Evolving Threat Agents: Ransomware and their Variants. International Journal of Computer Applications. 2017 April;164(7):28-34.
  7. Kok S, Abdullah A, Jhanjhi N, Supramaniam M. Ransomware, Threat and Detection Techniques: A Review. IJCSNS International Journal of Computer Science and Network Security. 2019;19(2):136-146.
  8. Tandon A, Nayyar A. A Comprehensive Survey on Ransomware Attack: A Growing Havoc Cyberthreat. InData Management, Analytics and Innovation 2019 (pp. 403-420). Springer, Singapore.
  9. Zimba A, Chishimba M. On the Economic Impact of Cryptoransomware Attacks: The State of the Art on Enterprise Systems. European Journal for Security Research. 2019 January;4(1):3-31.
  10. BBC-News 2019, Baltimore ransomware attack: NSA faces questions, BBC-News, viewed 28 December 2019, https://www.bbc.com/news/technology-48423954/
  11. Wikipedia 2019, WannaCry ransomware attack, Wikipedia, viewed 28 December 2019, https://en.wikipedia.org/wiki/WannaCry_ransomware_attack/
  12. Goyal, P.; Kakkar, A.; Vinod, G. & Joseph, G. Crypto-Ransomware Detection Using Behavioral Analysis Reliability, Safety and Hazard Assessment for Risk-Based Technologies, Springer, 2020, 239-251.
  13. Grant L., Parkinson S. Identifying File Interaction Patterns in Ransomware Behavior. In: Parkinson S, Crampton A, Hill R. (eds) Guide to Vulnerability Analysis for Computer Networks and Systems. Springer, Cham. 2018;14:317-335.
  14. Kok SH, Abdullah A, JhanJhi NZ, Supramaniam M. Prevention of Crypto-Ransomware Using a Pre-Encryption Detection Algorithm. Computers. 2019 Dec;8(4):79.
  15. Scaife N, Carter H, Traynor P, Butler K. CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data. In: Proceedings - International Conference on Distributed Computing Systems. 2016 August;2016:303-312.
  16. Wolf J. “Ransomware Detection.” Friedrich-Alexander-University Erlangen-Nuremberg. 2018.
  17. Continella A, Guagnelli A, Zingaro G, Pasquale G, Barenghi A, Zanero S, Maggi F. ShieldFS: A Self-healing, Ransomware-aware Filesystem. In: Proceedings - Annual Computer Security Applications Conference (ACSAC). 2016 December:336-347.
  18. Kharraz A, Kirda E. Redemption: Real-Time Protection Against Ransomware at End-Hosts. In: Dacier M, Bailey M, Polychronakis M, Antonakakis M. (eds) Research in Attacks, Intrusions, and Defenses. Springer. 2017;10453:98-119.
  19. Winter R, Ruiz R, Army B, Archer R. Cyber Autoimmune Disease When the Virtual Life Imitates the Real Life. International Journal of Cyber-Security and Digital Forensics (IJCSDF).2018;7(1):21-30.
  20. Lika R, Murugiah D, Brohi S, Ramasamy D. NotPetya: Cyber Attack Prevention through Awareness via Gamification. In: International Conference on Smart Computing and Electronic Enterprise (ICSCEE).2018:1-6.
  21. Zimba A, Wang Z, Chen H. Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems. ICT Express. 2018;4(1):14-18
  22. Zimba A, Mulenga M. A Dive Into the Deep: Demystifying Wannacry Crypto-Ransomware Network Attacks Via Digital Forensics. International Journal on Information Technologies & Security. 2018;10:57-69.
  23. Almashhadani A, Kaiiali M, Sezer S, O'Kane P. A Multi-Classifier Network-Based Crypto-Ransomware Detection System: A Case Study of Locky Ransomware. IEEE Access. 2019;7:47053-47067.
  24. Akbanov M, Vassilakis VG, Logothetis MD. WannaCry Ransomware: Analysis of Infection, Persistence, Recovery Prevention, and Propagation Mechanisms. Journal of Telecommunications & Information Technology. 2019 Mar 1(1).
  25. Hull G, John H, Arief B. Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Science. 2019 February;8(1)1:22.
  26. Chen Q, Bridges R. Automated behavioral analysis of malware: A Case Study of Wannacry Ransomware. In: Proceedings - 16th IEEE International Conference on Machine Learning and Applications, (ICMLA) 2017. 2018 January:454-460.
  27. Verma M, Kumarguru D, Deb S, Gupta A. Analyzing indicator of compromises for ransomware: Leveraging IOCs with machine learning techniques. IEEE International Conference on Intelligence and Security Informatics, (ISI). 2018:154-159
  28. Ami O, Elovici Y, Hendler D. Ransomware prevention using application authentication-based file access control. In: The 33rd ACM/SIGAPP Symposium on Applied Computing. Pau, France. 2018 April:1610-1619.
  29. Chew C, Kumar V. Behavior Based Ransomware Detection. In: Proceedings - 34th International Conference on Computers and Their Applications. 2019;58:127-116.
  30. Lee K, Oh I, Yim K. Ransomware-prevention technique using key backup. Lecture Notes of the Institute for Computer Sciences, Social-Informatics, and Telecommunications Engineering (LNICST). 2017 August;194:105-114.
  31. Zimba A, Wang Z, Chishimba M. Addressing Crypto-Ransomware Attacks: Before You Decide whether To-Pay or Not-To. Journal of Computer Information Systems. 2019 January;4417:1-11.
  32. Zimba A, Wang Z, Simukonda L. Towards Data Resilience: The Analytical Case of Crypto-Ransomware Data Recovery Techniques. International Journal of Information Technology and Computer Science. 2018 January;10(1):40-51.
  33. Gómez-Hernández J, Álvarez-González L, García-Teodoro P. R-Locker: Thwarting ransomware action through a honey-file-based approach. Computers & Security. 2018;73:389-398.
  34. Wang Z, Cui X, Su S, Qiu J, Liu C, Tian Z. Automatically Traceback RDP-Based Targeted Ransomware Attacks. Wireless Communications and Mobile Computing. 2018;2018:1-13.
  35. Shaukat S, Ribeiro V. RansomWall: A Layered Defense System against Cryptographic Ransomware Attacks using Machine Learning. In: Proceedings - 10th International Conference on Communication Systems & Networks (COMSNETS). 2018:356-363.
Index Terms

Computer Science
Information Sciences

Keywords

Ransomware Cryptography Cryptocurrency Cybercrime Malware Cybersecurity Vulnerability Cyberattacks.

Powered by PhDFocusTM