Experimental Analysis of Ransomware on Windows and Android Platforms: Evolution and Characterization

Author: Monika, Pavol Zavarsky, Dale Lindskog
Year of publication: 2016
Subject:
Source: FNC/MobiSPC
ISSN: 1877-0509
DOI: 10.1016/j.procs.2016.08.072
Description: The focus of the paper is on providing insights into how ransomware has evolved from its beginnings until March 2016 by analyzing samples of selected ransomware variants from existing ransomware families in Windows and Android environments. Seventeen Windows and eight Android ransomware families were analyzed. For each ransomware family, at least three variants belonging to the same family were compared. The analysis revealed that ransomware variants behave in a very similar manner, but use different payloads. Our analysis shows that there has been a significant improvement in encryption techniques used by ransomware. The experimental results in the Windows environment demonstrate that detection of ransomware is possible by monitoring abnormal filesystem and registry activities. In the Android environment, our analysis reveals that the likelihood of ransomware attacks can be reduced by paying closer attention to permissions requested by Android applications.
Database: OpenAIRE