A Multi-Layer Defense Against Cryptographic Attacks: RANSOMWALL The Use of Machine Learning in Malware Attacks
Creators
- 1. PG student, Malineni Lakshmaiah Engineering College, Singarayakonda Prakasam.
- 2. Assistant Professor, ECE Department, Institute of Aeronautical Engineering, Hyderabad
Description
Finance, insurance, banking, real estate, medical, and public administration have been attacked. Scareware, an early form of Ransomware, tricks victims into believing their systems are infected with many viruses, spyware, and security issues. The victim buys a fake antivirus product and pays a ransom to remove infections. Awareness and better security software have greatly reduced this malware's threat. Locker ransomware like Reveton locks the user interface to block access to computing resources. It demands ransom using social engineering. Security vendors offer effective tools to restore the blocked user interface for most variants. Cryptographic Ransomware targets user data with family-specific extensions. Encrypting files with advanced algorithms prevents user data access. The user receives a ransom note threatening to delete hostage files permanently if payment is not made. Bitcoin ransom is demanded. To maintain operation, system files are not encrypted. The decryption key to restore encrypted files is not guaranteed after payment. Modern Cryptographic Ransomware uses symmetric (AES, Triple DES) and asymmetric (RSA, ECC) key cryptographic algorithms for encryption. Symmetric Keys generated by the victim encrypt user files.
Files
A Multi-Layer Defense Against Cryptographic Attacks RANSOMWALL The Use of Machine Learning in Malware Attacks.pdf
Files
(325.7 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:1d633f071d7fedcc8c7dc71cef724dfb
|
325.7 kB | Preview Download |
Additional details
References
- 1. Barkly, "WannaCry Ransomware Statistics: The Numbers Behind the Outbreak," May 2017. [Online]. Available: https://blog.barkly.com/ wannacry-ransomware-statistics-2017
- 2. CNN Tech, "Ransomware attack: Who's been hit," May 2017. [Online]. Available: http://money.cnn.com/2017/05/15/technology/ ransomware-whos-been-hit/index.html
- 3. TechTarget, "Scareware," Aug 2010. [Online]. Available: http://whatis. techtarget.com/definition/scareware
- 4. F-Secure, "Trojan: W32/Reveton: Threat description," 2017. [Online]. Available: https://www.f-secure.com/v-descs/trojan_w32_reveton.shtml
- 5. Sophos, "The current state of ransomware: CTB-Locker," 2015. [Online]. Available: https://news.sophos.com/en-us/2015/12/31/ the-current-state-of-ransomware-ctb-locker
- 6. Panda Security, "CryptoLocker: What Is and How to Avoid it," 2015. [Online]. Available: http://www.pandasecurity.com/mediacenter/ malware/cryptolocker
- 7. SecureList, "WannaCry ransomware used in widespread attacks all over the world," May 2017. [Online]. Available: https://securelist.com/ wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/ 78351
- 8. Virus Total, "Free Online Virus, Malware and URL Scanner," 2017. [Online]. Available: https://www.virustotal.com
- 9. Comodo, "How Antivirus Works," 2017. [Online]. Available: https: //antivirus.comodo.com/how-antivirus-software-works.php
- 10. Sentinel One, "The Truth About White listing," Dec 2014. [Online]. Available: https://sentinelone.com/2014/12/07/ the-truth-about-white listing