Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi
Ransomware attacks pose a serious risk to the security of both personal and business systems. Using evasion techniques, payload distribution, and infection methods, these attacks infiltrate systems and encrypt valuable files, then demand money in exchange for the decryption key. Current ransomware a...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Book Section |
| Language: | en |
| Published: |
College of Computing, Informatics and Media, UiTM Perlis
2023
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/100400/1/100400.pdf https://ir.uitm.edu.my/id/eprint/100400/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1833321744275865600 |
|---|---|
| author | Mohd Mokhtaruddeen, Maryam Adreena Mohd Fuzi, Mohd Faris |
| author_facet | Mohd Mokhtaruddeen, Maryam Adreena Mohd Fuzi, Mohd Faris |
| author_sort | Mohd Mokhtaruddeen, Maryam Adreena |
| building | Tun Abdul Razak Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknologi Mara |
| content_source | UiTM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Ransomware attacks pose a serious risk to the security of both personal and business systems. Using evasion techniques, payload distribution, and infection methods, these attacks infiltrate systems and encrypt valuable files, then demand money in exchange for the decryption key. Current ransomware analysis tools can provide general information about malicious binaries, but there are limitation in providing specific information about the behaviour of a specific ransomware sample, making it difficult to protect end-user machines from unknown attacks, particularly the most recent ransomware variants. This project intends to investigate the most recent ransomware attacks and study their characteristics using static analysis. A methodology for the static analysis of ransomware characteristics is proposed by utilising a secure lab environment, VMware Workstation and Windows operating system for host and guest, and various static analysis tools such as PeStudio, CFF Explorer, HxD, and HashMyFile to extract and analyse the functionalities of ransomware samples. The technology can detect unknown ransomware variants by recognising the variant's distinctive characteristics. Real-world ransomware samples were used to validate the methodology. This research provides significant information for security experts and researchers in the realm of cybersecurity and can aid in the protection of systems against ransomware attacks. |
| format | Book Section |
| id | my.uitm.ir-100400 |
| institution | Universiti Teknologi Mara |
| language | en |
| publishDate | 2023 |
| publisher | College of Computing, Informatics and Media, UiTM Perlis |
| record_format | eprints |
| spelling | my.uitm.ir-1004002024-09-27T08:46:02Z https://ir.uitm.edu.my/id/eprint/100400/ Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi Mohd Mokhtaruddeen, Maryam Adreena Mohd Fuzi, Mohd Faris System analysis. State-space methods Ransomware attacks pose a serious risk to the security of both personal and business systems. Using evasion techniques, payload distribution, and infection methods, these attacks infiltrate systems and encrypt valuable files, then demand money in exchange for the decryption key. Current ransomware analysis tools can provide general information about malicious binaries, but there are limitation in providing specific information about the behaviour of a specific ransomware sample, making it difficult to protect end-user machines from unknown attacks, particularly the most recent ransomware variants. This project intends to investigate the most recent ransomware attacks and study their characteristics using static analysis. A methodology for the static analysis of ransomware characteristics is proposed by utilising a secure lab environment, VMware Workstation and Windows operating system for host and guest, and various static analysis tools such as PeStudio, CFF Explorer, HxD, and HashMyFile to extract and analyse the functionalities of ransomware samples. The technology can detect unknown ransomware variants by recognising the variant's distinctive characteristics. Real-world ransomware samples were used to validate the methodology. This research provides significant information for security experts and researchers in the realm of cybersecurity and can aid in the protection of systems against ransomware attacks. College of Computing, Informatics and Media, UiTM Perlis 2023 Book Section PeerReviewed text en https://ir.uitm.edu.my/id/eprint/100400/1/100400.pdf Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi. (2023) In: Research Exhibition in Mathematics and Computer Sciences (REMACS 5.0). College of Computing, Informatics and Media, UiTM Perlis, pp. 189-190. ISBN 978-629-97934-0-3 |
| spellingShingle | System analysis. State-space methods Mohd Mokhtaruddeen, Maryam Adreena Mohd Fuzi, Mohd Faris Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title | Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title_full | Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title_fullStr | Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title_full_unstemmed | Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title_short | Analysis on ransomware characteristics using static analysis method / Maryam Adreena Mohd Mokhtaruddeen and Mohd Faris Mohd Fuzi |
| title_sort | analysis on ransomware characteristics using static analysis method / maryam adreena mohd mokhtaruddeen and mohd faris mohd fuzi |
| topic | System analysis. State-space methods |
| url | https://ir.uitm.edu.my/id/eprint/100400/1/100400.pdf https://ir.uitm.edu.my/id/eprint/100400/ |
| url_provider | http://ir.uitm.edu.my/ |