Dissecting .NET ransomware: key generation, encryption and operation. Issue 2 (February 2020)
- Record Type:
- Journal Article
- Title:
- Dissecting .NET ransomware: key generation, encryption and operation. Issue 2 (February 2020)
- Main Title:
- Dissecting .NET ransomware: key generation, encryption and operation
- Authors:
- Bajpai, Pranshu
Enbody, Richard - Abstract:
- Abstract : The threat of ransomware is ever growing. Not all ransomware types are created equal and the cryptosystems in some forms are more virulent than others. This article dissects eight real-world variants belonging to different families of .NET ransomware and provides insights into key generation, encryption and other aspects of the ransomware kill chain. We also summarise ransomware execution flow and dynamic library calls based on the collected evidence. While this analysis was carried out using .NET ransomware samples, the lessons learned from the empirical evidence apply to all modern forms of ransomware and can be used for building more effective ransomware solutions. The threat of ransomware is ever-growing, but not all ransomware types are created equal. The cryptosystems in some forms are more virulent than others. Pranshu Bajpai and Richard Enbody at Michigan State University dissect eight real-world variants belonging to different families of .NET ransomware and provide insights into key generation, encryption and other aspects of the ransomware kill chain. They also summarise ransomware execution flow and the use of dynamic library calls. The lessons learned apply to all forms of ransomware and can be used for building more effective ransomware solutions.
- Is Part Of:
- Network security. Volume 2020:Issue 2(2020)
- Journal:
- Network security
- Issue:
- Volume 2020:Issue 2(2020)
- Issue Display:
- Volume 2020, Issue 2 (2020)
- Year:
- 2020
- Volume:
- 2020
- Issue:
- 2
- Issue Sort Value:
- 2020-2020-0002-0000
- Page Start:
- 8
- Page End:
- 14
- Publication Date:
- 2020-02
- Subjects:
- Computer security -- Periodicals
Computer networks -- Security measures -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
Computers -- Access control -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/13534858 ↗
https://www.magonlinelibrary.com/journal/nese ↗
http://www.elsevier.com/journals ↗
http://www.elsevierscitech.com/nl/NS/home.asp ↗ - DOI:
- 10.1016/S1353-4858(20)30020-9 ↗
- Languages:
- English
- ISSNs:
- 1353-4858
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 6077.203970
British Library DSC - BLDSS-3PM
British Library HMNTS - Digital store
British Library HMNTS - ELD Digital store - Ingest File:
- 12925.xml