Affiliation:
1. IMT Atlantique and Inria
2. IMT Atlantique and Polytechnique Montréal
3. LHS-PEC, Inria
4. IMT Atlantique
Abstract
Ransomware remains an alarming threat in the 21st century. It has evolved from a simple scare tactic into complex malware capable of evasion. Formerly, end-users were targeted via mass infection campaigns. In recent years, however, attackers have focused on targeted attacks, since these are profitable and can induce severe damage. A vast number of detection mechanisms have been proposed in the literature. We provide a systematic review of ransomware countermeasures, from the malware's deployment on the victim machine through to the ransom payment via cryptocurrency. We define four stages of this malware attack: Delivery, Deployment, Destruction, and Dealing. Then, we assign the corresponding countermeasures to each phase of the attack and cluster them by the techniques used. Finally, we propose a roadmap for researchers to fill the gaps found in the literature in the battle against ransomware.
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science, Theoretical Computer Science
Cited by
44 articles.