245 Hits in 6.6 sec

Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics

Krzysztof Cabaj, Marcin Gregorczyk, Wojciech Mazurczyk
2018 Computers & electrical engineering  
In this paper we present a novel Software-Defined Networking (SDN) based detection approach that utilizes characteristics of ransomware communication.  ...  Based on the observation of network communication of two crypto ransomware families, namely CryptoWall and Locky we conclude that analysis of the HTTP messages' sequences and their respective content sizes  ...  Software-defined networking (SDN) is now one of the emerging networking paradigms [1].  ... 
doi:10.1016/j.compeleceng.2017.10.012 fatcat:ms6lbsdc2fhj3ojdhdxv3pg52i

Using Software-Defined Networking for Ransomware Mitigation: The Case of CryptoWall

Krzysztof Cabaj, Wojciech Mazurczyk
2016 IEEE Network  
In this paper we show how Software-Defined Networking (SDN) can be utilized to improve ransomware mitigation.  ...  Then we designed the SDN-based system, implemented using OpenFlow, which facilitates a timely reaction to this threat, and is a crucial factor in the case of crypto ransomware.  ...  These include hybrid approaches, classification-based methods that can detect ransomware based on its well-known network traffic characteristics, and pattern-based methods for automatic detection of the  ... 
doi:10.1109/mnet.2016.1600110nm fatcat:3h2wsrsqhnhnpibyai6ujg4gle

A Survey of Crypto Ransomware Attack Detection Methodologies: An Evolving Outlook

Abdullah Alqahtani, Frederick T. Sheldon
2022 Sensors  
The state-of-the-art crypto ransomware early detection models rely on specific data acquired during the runtime of an attack's lifecycle.  ...  Due to its unique characteristics, ransomware has attracted the attention of security professionals and researchers toward achieving safer and higher assurance systems that can effectively detect and prevent  ...  In a similar manner, Cabaj, Gregorczyk [26] used Software Defined Networking (SDN) approaches to track http packet patterns and item sizes to discover the cryptoWall class.  ... 
doi:10.3390/s22051837 pmid:35270983 pmcid:PMC8914995 fatcat:l7jjraawwfdpplviiwzwlwdfpy

Recent Advances in Cryptovirology: State-of-the-Art Crypto Mining and Crypto Ransomware Attacks

2019 KSII Transactions on Internet and Information Systems  
Such evidence can be used as seed into intrusion detection systems for mitigation purposes.  ...  We examine three cryptoviral attack structures: browser-based crypto mining, memory resident crypto mining and cryptoviral extortion.  ...  The captured network traffic statistics are shown in Fig. 14.  ... 
doi:10.3837/tiis.2019.06.027 fatcat:nyeikojtzraarhpppv7tzsdtmy

Encryption analysis of AES-Cipher Block Chaining performance in Crypto-Wall Ransomware and SDN based mitigation

Anish Pillai, M S. Vasanthi, Ruturaj Kadikar, B Amutha
2018 International Journal of Engineering & Technology  
Modern ransomware behaviour indicates propagation of the malware from the host victim to other computers and shared drives within its network.  ...  The time taken for CryptoWall ransomware encryption using AES-CBC is observed for various data sizes and a SDN approach for ransomware threat mitigation is discussed.  ...  Acknowledgement We would like to express our gratitude to the research group, Software Defined Research Lab, Department of Computer Science Engineering, SRM Institute of Science and Technology, Kattankulathur  ... 
doi:10.14419/ijet.v7i2.24.11997 fatcat:z5bkyo4jqzctjagtut7mf455qa

A Survey on Situational Awareness of Ransomware Attacks—Detection and Prevention Parameters

Juan A. Herrera Silva, Lorena Isabel Barona López, Ángel Leonardo Valdivieso Caraguay, Myriam Hernández-Álvarez
2019 Remote Sensing  
This survey also provides a classification of ransomware articles based on detection and prevention approaches.  ...  SA allows knowing what is happening in compromised devices and network communications through monitoring, aggregation, correlation, and analysis tasks.  ...  The main idea behind this proposal is the characterization of HTTP traffic and crypto ransomware communications, specifically CryptoWall and Locky.  ... 
doi:10.3390/rs11101168 fatcat:rgppyyyfarbolii2qbvjifo5wm

A Crypto-Steganography Approach for Hiding Ransomware within HEVC Streams in Android IoT Devices

Iman Almomani, Aala Alkhayer, Walid El-Shafai
2022 Sensors  
., ransomware) and for defensive or offensive purposes. This paper introduces a hybrid crypto-steganography approach for ransomware hiding within high-resolution video frames.  ...  Initially, AES encrypts the secret Android ransomware data, and then LSB embeds it based on random selection criteria for the cover video pixels.  ...  In the first technique, the malicious software is concealed by simulating the network traffic of a benign app.  ... 
doi:10.3390/s22062281 pmid:35336452 pmcid:PMC8955722 fatcat:kye35ukuxvfunbxixhm7d453uq

A Review on File System-based Ransomware Detection

Srinivasa M
2020 International Journal for Research in Applied Science and Engineering Technology  
In this paper, we are comparing the existing model with our proposed model which is used for ransomware detection based on file indicators of compromise (IOC).  ...  It is becoming more sophisticated attack in evading detection of defense layer and continue grow rapidly. It has become challenging task to detect this ransomware attack at early stage.  ...  By using this method, we were able to identify and detect the ransomware family based on specific file behaviors.  ... 
doi:10.22214/ijraset.2020.31245 fatcat:xozkwraq4ndsjnrteqoq5lm4gu

Open Repository for the Evaluation of Ransomware Detection Tools

Eduardo Berrueta, Daniel Morato, Eduardo Magana, Mikel Izal
2020 IEEE Access  
These data have already been used successfully in the evaluation of a network-based ransomware detection algorithm.  ...  INDEX TERMS Ransomware, open repository, traffic analysis.  ...  It can be useful for testing some tools that detect the ransomware based on local I/O operations.  ... 
doi:10.1109/access.2020.2984187 fatcat:d5pw22wmdnconnsqmy4pnsiwsy

Mitigating Sodinokibi Ransomware Attack on Cloud Network Using Software-Defined Networking (SDN)

Rusydi Umar, Imam Riadi, Ridho Surya Kusuma
2021 International Journal of Safety and Security Engineering  
Based on the percentage data, SDN-based mitigation in this study is per the objectives to make it possible to mitigate Ransomware attacks on computer network traffic.  ...  The mitigation process is carried out through static, dynamic, and Software-Defined Networking (SDN) analysis to prevent the impact of attacks through programmatic network management.  ...  the system detects ransomware network traffic by identifying the IP Address and port that OpenFlow passes through and based on the data in Table 9.  ... 
doi:10.18280/ijsse.110304 fatcat:rdevk64y6ndkdh72hvsa5ct4ve

A Comparative Performance Analysis of Explainable Machine Learning Models With And Without RFECV Feature Selection Technique Towards Ransomware Classification [article]

Rawshan Ara Mowri, Madhuri Siddula, Kaushik Roy
2022 arXiv   pre-print
classification utilizing the API call and network traffic features.  ...  ransomware detection, or classification.  ...  [31] used TShark for capturing and analyzing malicious network traffic activities followed by utilizing the WEKA ML tool to detect ransomware based on only 9 extracted features.  ... 
arXiv:2212.04864v1 fatcat:hm4vfvp4wvcdtn3dvfe3y4nu4e

Trends and Future Directions in Automated Ransomware Detection

Abayomi Jegede, Ayotinde Fadele, Monday Onoja, Gilbert Aimufua, Ismaila Jesse Mazadu
2022 Journal of Computing and Social Informatics  
A successful ransomware attack results in significant security and privacy violations with attendant financial losses and reputational damages to owners of computer-based resources.  ...  This makes it imperative for accurate, timely and reliable detection of ransomware.  ...  The technique extracts and models ransomware features based on three major characteristics of network traffic namely, connection-based, encryption-based, and certificate.  ... 
doi:10.33736/jcsi.4932.2022 fatcat:divmlxpnmffd7aqh4t5uzanvlu

A Cyber-Kill-Chain based taxonomy of crypto-ransomware features

Tooska Dargahi, Ali Dehghantanha, Pooneh Nikkhah Bahrami, Mauro Conti, Giuseppe Bianchi, Loris Benedetto
2019 Journal in Computer Virology and Hacking Techniques  
Wide range of features which are available in different families and versions of ransomware further complicates their detection and analysis.  ...  Therefore, a ransomware feature taxonomy would advance cyber defenders' understanding of associated risks of ransomware.  ...  In [176], authors proposed the usage of software-defined networking (SDN) to mitigate ransomware attacks.  ... 
doi:10.1007/s11416-019-00338-7 fatcat:rjvlals56jclbei54t7pz2ra6q

Ransomware in Windows and Android Platforms [article]

Abdulrahman Alzahrani, Ali Alshehri, Hani Alshahrani, Huirong Fu
2020 arXiv   pre-print
Recent indiscriminate ransomware victimizations have imposed critical needs of effective detection techniques to prevent damages.  ...  This paper contributes a comprehensive overview of ransomware attacks and summarizes existing detection and prevention techniques in both Windows and Android platforms.  ...  Messages can be encrypted by using the Transport Layer Security (TLS). Thus, it is more difficult to detect ransomware using anti-malware software.  ... 
arXiv:2005.05571v1 fatcat:7e3bx2ufsrhbhn3var5phejicy

PayBreak

Eugene Kolodenker, William Koch, Gianluca Stringhini, Manuel Egele
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
PayBreak is based on the insight that secure file encryption relies on hybrid encryption where symmetric session keys are used on the victim computer.  ...  Existing defenses against ransomware rely on ad-hoc mitigations that target the incorrect use of cryptography rather than generic live protection.  ...  Acknowledgements We would like to thank the anonymous reviewers for their insightful comments and our shepherd Guofei Gu for helping us improve the quality of this manuscript.  ... 
doi:10.1145/3052973.3053035 dblp:conf/ccs/KolodenkerKSE17 fatcat:3auytq6vhnabthxs2fank4ib3e