Journal: International Journal of Security and Networks

Anatomy of ransomware malware: detection, analysis and reporting


Abstract

Rapidly increasing malware samples pose a serious threat to cyber security, especially when they are not detected by security tools and techniques. Malware writers obfuscate malware samples to conceal malicious code inside a legitimate executable to evade antivirus solutions, and tamper with it without changing its genuine structure, to exploit target machines and remain fully undetected (FUD). Thus, it is a major challenge for Cyber Clean operations run by various government agencies to monitor malicious activities in their official network. Ransomware is malware that encrypts documents to breach information on the victim machine and asks for a ransom to provide the decryption key. This paper presents the results of static and dynamic analysis of nine prominent variants of ransomware samples obtained from renowned malware repositories. A test bed is prepared to analyse these samples in Cuckoo's sandbox environment to monitor altered files/directories, tampered registry keys, Command and Control (C&C) and accessed application programming interfaces (APIs). At the end of this paper, we present the observations from our experimental analysis and provide remedial measures to deal with these samples, which would more likely impact the future analysis of ransomware.