Ransomware and Its Upsurge: Victimology, Attack Profiling, Precautionary and Response Strategies

Date
2022-05
Authors
Chiranjeevi, Spoorthy
Major Professor
Guan, Yong
Committee Member
Guan, Yong
Abstract
With time, the internet has guided us through social and economic progression both individually and collectively. It has paved the way to an unbeaten path that is attainable to one and all. This tool that has no bounds has inevitably become the platform for one of the colossal manifestations of cybercrime of this era. Malware has proven to be exceptionally efficient in maneuvering any version of a network, structure or device. In comparison to the existing forms of malware or viruses, ransomware appears to possess a distinctive trait that fabricates complexity into an already threatening situation. Though these attacks seem abstract, they can be predicted to get alarming any day. For a rather ancient malware, the stakes have seemed to increase exponentially. Surprisingly, this menacing environment has not just been built around to strike at affluent and government organizations; it has failed to spare even the most common people of the society. Ransomware enables an actor to blackmail or coerce any victim into paying off through specified means. The consequences of ransomware can escalate from a mere nuisance to a loss of livelihood or even bankruptcy. Upon extensive research and groundwork, this subject has been reviewed, surveyed, and analyzed to grasp and apprehend an in-depth understanding. Detection and analysis techniques have been evaluated for assessment and discussion. Existing analysis and detection techniques were assessed separately and distinguished techniques were identified and explained. Upon perusal of these techniques and algorithms, advantages and disadvantages were derived and specified. Ransomware samples that were obtained from closed communities were analyzed using:
1. Static analysis techniques: VirusTotal, Falcon Sandbox platform, and SolarAppScreener
2. Dynamic analysis techniques: Cuckoo sandboxing, RegShot and Process Monitor.
A brief manual analysis of the malware code was also made.
A threat and security model was devised based on the constructed taxonomy and victimology profile created. A framework for precautionary actions was formulated incorporating the above factors. And a response strategy was also designed considering the aspects and vulnerabilities at each phase. Existing underlying security structures have been explored and prospective augmentation to those existing structures has been proposed. After inspecting and considering several factors, critical and essential measures have been recommended along with a brief "how to respond" section. Data has been obtained from numerous reliable sources to interpret attack and payment patterns and values. Although simple measures such as firewalls do aid in shielding your system, they could merely be an umbrella in a storm. From this comprehensive study, one would be allowed to shape a rather coherent perception of this theme.
Copyright
2022