WannaCry Ransomware: Analysis of Infection, Persistence, Recovery Prevention and Propagation Mechanisms-Reference-Cited by-同舟云学术

WannaCry Ransomware: Analysis of Infection, Persistence, Recovery Prevention and Propagation Mechanisms

Published:2019-03-29 Issue: Volume:1 Page:113-124
ISSN:1509-4553
Container-title:Journal of Telecommunications and Information Technology
language:
Short-container-title:JTIT

Author:

Akbanov Maxat,Vassilakis Vassilios G.,Logothetis Michael D.

Abstract

In recent years, we have been experiencing fast proliferation of diﬀerent types of ransomware targeting home users, companies and even critical telecommunications infrastructure elements. Modern day ransomware relies on sophisticated infection, persistence and recovery prevention mechanisms. Some recent examples that received signiﬁcant attention include WannaCry, Petya and BadRabbit. To design and develop appropriate defense mechanisms, it is important to understand the characteristics and the behavior of diﬀerent types of ransomware. Dynamic analysis techniques are typically used to achieve that purpose, where the malicious binaries are executed in a controlled environment and are then observed. In this work, the dynamic analysis results focusing on the infamous WannaCry ransomware are presented. In particular, WannaCry is examined, during its execution in a purpose-built virtual lab environment, in order to analyze its infection, persistence, recovery prevention and propagation mechanisms. The results obtained may be used for developing appropriate detection and defense solutions for WannaCry and other ransomware families that exhibit similar behaviors

Publisher

National Institute of Telecommunications

Subject

Electrical and Electronic Engineering,Computer Networks and Communications

Link

https://www.itl.waw.pl/czasopisma/JTIT/2019/1/113.pdf

Reference27 articles.

1. 1. D. O'Brien, "Ransomware 2017", Internet Security Threat Report, Symantec, July 2017 [Online]. Available: https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/istr-ransomware-2017-en.pdf

2. 2. K. Savage, P. Coogan, and H. Lau, "The evolution of ransomware", Security Response, Symantec, June 2015 [Online]. Available: http://www.symantec.com/content/en/us/enterprise/media/securityresponse/whitepapers/the-evolution-of-ransomware.pdf

3. 3. A. Zeichnick, "Self-propagating ransomware: What the WannaCry ransomworm means for you", May 2017 [Online]. Available: https://www.networkworld.com/article/3196993/security/self-propagating-ransomware-what-the-wannacry-ransomworm-means-for-you.html

4. 4. "Ransom.Wannacry", Symantec, May 2017 [Online]. Available: https://www.symantec.com/security-center/writeup/2017-051310-3522-99/

5. 5. "Petya - taking ransomware to the low level", Malwarebytes Labs, Jun. 2017 [Online]. Available: https://blog.malwarebytes.com/threat-analysis/2016/04/petya-ransomware/

Cited by 35 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Cybersecurity for Industry 5.0: trends and gaps;Frontiers in Computer Science;2024-07-26

2. The Downsides of Digital Currency and the Limits of its Normative Regulation;Financial Engineering;2024-04-16

3. Guarding the Galaxy: Satellite Ransomware and Countermeasures;2024 IEEE Aerospace Conference;2024-03-02

4. Enhancing Cybersecurity Protocols in Modern Healthcare Systems;Advances in Healthcare Information Systems and Administration;2024-02-09

5. A framework for cyber-risk insurance against ransomware: A mixed-method approach;International Journal of Information Management;2024-02