An Assessment of Ransomware Detection Obfuscation and Prevention Methods

This is a research paper I co-authored that takes a look at ransomware. The project was super fun and I learned a lot about how ransomware works.

Preview

Ransomware is a popular malware that encrypts the files of infected systems and demands payment from the victims usually in the form of untraceable cryptocurrency in exchange for a decryption key. Ransomware gained a massive rise among cybercriminals and has risen in complexity in recent years as well as receiving mainstream-media attention in 2017 after mainstream attacks like WannaCry, Georgia, and Baltimore City ransomware attacks. While ransomware attacks on consumers have declined, enterprise ransomware attacks have seen a more than 300% increase in the last year. These outbreaks continue at an accelerated pace, despite efforts made to improve the detection and mitigation of ransomware. The purpose of this research is to assess the efficiency of current malware analysis methods and technologies in the detection of ransomware, as well as prevention methods to keep files safe using cloud computing. The experiments outlined in this paper were performed using antivirus engines and dynamic malware analysis against live obfuscated ransomware samples.

831KB

An_Assessment_of_Ransomware_Detection_Obfuscation_and_Prevention_Methods.pdf

PDF

Open

Ransomware paper