Ransomware behavioural analysis on windows platforms

Hampton, Nikolai; Baig, Zubair; Zeadally, Sherali

Ransomware behavioural analysis on windows platforms

journal contribution

posted on 2018-06-01, 00:00 authored by Nikolai Hampton, Zubair BaigZubair Baig, Sherali Zeadally

Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls.

History

Journal

Journal of information security and applications

Volume

40

Pagination

44-51

Location

Amsterdam, The Netherlands

ISSN

2214-2126

Language

English

Publication classification

C Journal article, C1.1 Refereed article in a scholarly journal

Copyright notice

2018, Elsevier Ltd.

Publisher

Elsevier

Usage metrics

Keywords

Cryptovirology Cybersecurity Intrusion detection Malware Ransomware Win/32 School of Information Technology 4609 Information systems

Ransomware behavioural analysis on windows platforms

History

Journal

Volume

Pagination

Location

ISSN

Language

Publication classification

Copyright notice

Publisher

Usage metrics

Categories

Keywords

Licence

Exports