Detection and prevention of crypto-ransomware

Crypto-ransomware is a challenging threat that encrypts a user's files while hiding the decryption key until the victim pays a ransom. This type of malware is a lucrative business for cybercriminals, generating millions of dollars annually. The spread of ransomware is increasing as traditional detection-based protection, such as antivirus and anti-malware, has proven ineffective at preventing attacks. Additionally, this form of malware is incorporating advanced encryption algorithms and expanding the number of file types it targets. Cybercriminals have found a lucrative market and no one is safe from being the next victim. Encrypting ransomware targets businesses small and large as well as the regular home user. This paper discusses ransomware's methods of infection, the technology behind it, and what can be done to help prevent becoming the next victim. The paper investigates the most common types of crypto-ransomware, various payload methods of infection, the typical behavior of crypto-ransomware, its tactics, how an attack is ordinarily carried out, and which files are most commonly targeted on a victim's computer. It also lists recommendations for prevention and safeguards.
