Ransomware behavioural analysis on windows platforms

Hampton, Nikolai; Baig, Zubair; Zeadally, Sherali

Ransomware behavioural analysis on windows platforms

https://hdl.handle.net/10536/DRO/DU:30118052
Open external identifier URL

journal contribution

posted on 2018-06-01, 00:00 authored by Nikolai Hampton, Zubair BaigZubair Baig, Sherali Zeadally

Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls.

History

Related Materials

1.
DOI - Is version of https://doi.org/10.1016/j.jisa.2018.02.008

Location

Amsterdam, The Netherlands

Language

English

Publication classification

C Journal article, C1.1 Refereed article in a scholarly journal

Copyright notice

2018, Elsevier Ltd.

Journal

Journal of information security and applications

Volume

40

Pagination

44-51

ISSN

2214-2126

Publisher

Elsevier

Usage metrics

Keywords

Cryptovirology Cybersecurity Intrusion detection Malware Ransomware Win/32 School of Information Technology 4609 Information systems

Ransomware behavioural analysis on windows platforms

History

Related Materials

Location

Language

Publication classification

Copyright notice

Journal

Volume

Pagination

ISSN

Publisher

Usage metrics

Categories

Keywords

Licence

Exports