Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware
Genç, Ziya Alper; Lenzini, Gabriele; Ryan, Peter
2018In Advances in Cybersecurity 2018
Peer reviewed
 

Files


Full Text
glr2018.pdf
Author postprint (506.34 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
ransomware; key acquiring; security analysis; malware
Abstract :
[en] To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding the advantages and disadvantages of each method is essential to develop robust defense strategies. In this paper we explain the techniques used by ransomware to derive encryption keys and analyze the security of each approach. We argue that recovery of data might be possible if the ransomware cannot access high entropy randomness sources. As an evidence to support our theoretical results, we provide a decryptor program for a previously undefeated ransomware.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Disciplines :
Computer science
Author, co-author :
Genç, Ziya Alper ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Lenzini, Gabriele ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Ryan, Peter ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors :
no
Language :
English
Title :
Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware
Publication date :
2018
Event name :
Central European Cybersecurity Conference
Event date :
15–16 November 2018
Audience :
International
Main work title :
Advances in Cybersecurity 2018
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR12536861 - No more Cryptographic Ransomware - NoCry, 2018 (15/05/2018-14/09/2018) - Gabriele LENZINI
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 19 September 2018

Statistics


Number of views
193 (14 by Unilu)
Number of downloads
730 (7 by Unilu)

Scopus citations®
 
8
Scopus citations®
without self-citations
7

Bibliography


Similar publications



Contact ORBilu