Luckson Simukonda scite author profile

Luckson Simukonda

2Publications

21Citation Statements Received

31Citation Statements Given

How they've been cited

How they cite others

Affiliations

Mulungushi University

Publications

Order By: Most citations

Towards Data Resilience: The Analytical Case of Crypto Ransomware Data Recovery Techniques

Zimba¹,

Wang²,

Simukonda³

2018

IJITCS

View full text Add to dashboard Cite

Abstract-Crypto ransomware has earned an infamous reputation in the malware landscape and its sound sends a lot of shivers to many despite being a new entrant. The media has not helped matters even as the myths and inaccuracies surrounding crypto ransomware continue to deepen. It's been purported that once crypto ransomware attacks, the victim is left with no option but to pay in order to retrieve the encrypted data, and that without a guarantee, or risk losing the data forever. Security researchers are inadvertently thrown into a cat-and-mouse chase to catch up with the latest vices of the aforesaid in order to provide data resilience. In this paper, we debunk the myths surrounding loss of data via a crypto ransomware attack. Using a variety of crypto ransomware samples, we employ reverse engineering and dynamic analysis to evaluate the underlying attack structures and data deletion techniques employed by the ransomware. Further, we expose the data deletion techniques used by ransomware to prevent data recovery and suggest how such could be countered. From the results, we further present observed sandbox evasion techniques employed by ransomware against both static and dynamic analysis in an effort to obfuscate its operations and subsequently prevent data recovery. Our analyses have led us to the conclusion that no matter how devastating a crypto ransomware attack might appear, the key to data recovery options lies in the underlying attack structure and the implemented data deletion methodology.

show abstract

Demystifying Ransomware Attacks: Reverse Engineering and Dynamic Malware Analysis of WannaCry for Network and Information Security

2017

View full text Add to dashboard Cite

Encryption has protected the Internet for some time now and it has come to raise user trust on the otherwise unsecure Internet. However, recent years have seen the use of robust encryption as stepping stone for cyber-criminal activities. Ransomware has not escaped the headlines even as it has attacked almost every sector of the society using a myriad of infection vectors. Mission critical data has been held to ransom and victims have had to part away with millions of dollars. The advent of the anonymous Bitcoin network has made matters worse where it’s been virtually infeasible to trace the perpetrators. In this paper, we endeavor to perform dynamic analysis of WannaCry ransomware samples based on malwarefree infection vectors. Further, we perform reverse-engineering to dissect the ransomware code for further analysis. Results show that despite the use of resilient encryption, the ransomware like other families in the wild uses the same attack structure and cryptographic primitives. Our analysis leads us to the conclusion that this ransomware strain isn't as complex as previously reported. This detailed practical analysis tries to raise awareness to the business community on the realities and importance of IT security whilst hinting on prevention, recovery and the limitations thereof.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.