Analysis of AES-CBC Encryption for Interpreting Crypto-Wall Ransomware

Pillai, Anish; Kadikar, Ruturaj; Vasanthi, M. S.; Amutha, B.

doi:10.1109/iccsp.2018.8524494

Cited by 4 publications

(4 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Updating the cipher key consists of three main steps; shift operation, XOR, and changing the key's time. Research by Pillai et al [23] provided a time analysis of the ransomware that uses the AES-CBC encryption algorithm. Their results show that the encryption time depends on two main factors; the key size and the size of the data to be encrypted.…”

Section: Related Workmentioning

confidence: 99%

Enhanced and authenticated cipher block chaining mode

2023

View full text Add to dashboard Cite

Due to the increased attacks on different applications, data security has become crucial. Many modes can be used to operate the advanced encryption standard (AES), some of which provide integrity, and some outperform other modes in security and simplicity. In this paper, the chain block cipher (CBC) mode has been modified to provide more security to the encrypted data by making it robust against the bit-flipping attack and adding an integrity approach using the keyedhash function. In addition, using the keyd-hash function increases the number of keys needed in CBC-AES to two keys, and this can make the proposed model more secure against bruteforce attacks and Grover’s quantum search algorithm.

show abstract

Section: Related Workmentioning

confidence: 99%

Enhanced and authenticated cipher block chaining mode

2023

View full text Add to dashboard Cite

show abstract

“…If suspicious behavior is detected, the SDN controller blocks the IP or domain. Furthermore, the SDN concept is also applied in [50]. This work tracks the behavior of crypto locker ransomware using asymmetric encryption.…”

Section: Detection and Predictionmentioning

confidence: 99%

A Survey on Situational Awareness of Ransomware Attacks—Detection and Prevention Parameters

et al. 2019

View full text Add to dashboard Cite

In recent years, cybercrime activities have grown significantly, compromising device security and jeopardizing the normal activities of enterprises. The profits obtained through intimidation and the limitations for tracking down the illegal transactions have created a lucrative business based on the hijacking of users’ files. In this context, ransomware takes advantage of cryptography to compromise the user information or deny access to the operating system. Then, the attacker extorts the victim to pay a ransom in order to regain access, recover the data, or keep the information private. Nowadays, the adoption of Situational Awareness (SA) and cognitive approaches can facilitate the rapid identification of ransomware threats. SA allows knowing what is happening in compromised devices and network communications through monitoring, aggregation, correlation, and analysis tasks. The current literature provides some parameters that are monitored and analyzed in order to prevent these kinds of attacks at an early stage. However, there is no complete list of them. To the best of our knowledge, this paper is the first proposal that summarizes the parameters evaluated in this research field and considers the SA concept. Furthermore, there are several articles that tackle ransomware problems. However, there are few surveys that summarize the current situation in the area, not only regarding its evolution but also its issues and future challenges. This survey also provides a classification of ransomware articles based on detection and prevention approaches.

show abstract

“…Here are four stages of viruses in the episode: The first step is phishing campaigns through email and website links, then manipulating users to execute malicious files and gain access rights on the user's computer. The second stage is accessing computer resources, deleting backup data, encrypting data with curve25519 or AES-256-CTR encryption [7][8][9]. The third stage displays a ransom message to the user's monitor screen.…”

Section: Introductionmentioning

confidence: 99%

“…Finally, the fourth stage spreads advanced infections to his other computers. Based on this, the importance of mitigating because the excess of this virus can apply widespread attack expansion through the same network traffic and can operate without having to connect to the command and control server [9][10][11].…”

Section: Introductionmentioning

confidence: 99%

Mitigating Sodinokibi Ransomware Attack on Cloud Network Using Software-Defined Networking (SDN)

Umar¹,

Riadi²,

Kusuma³

2021

IJSSE

View full text Add to dashboard Cite

Sodinokibi Ransomware virus becomes a severe threat by targeting data encryption on a server, and this virus infection continues to spread to encrypt data on other computers. This study aims to mitigate by experiment with building a prevention system through computer network management. The mitigation process is carried out through static, dynamic, and Software-Defined Networking (SDN) analysis to prevent the impact of attacks through programmatic network management. SDN consists of two main components in its implementation, the Ryu controller and Open Virtual Switch (OVS). Result testing mitigation system on infected networks by crippling TCP internet protocol access can reduce virus spread by 17.13% and suppress Sodinokibi traffic logs by up to 73.97%. Based on the percentage data, SDN-based mitigation in this study is per the objectives to make it possible to mitigate Ransomware attacks on computer network traffic.

show abstract

Analysis of AES-CBC Encryption for Interpreting Crypto-Wall Ransomware

Cited by 4 publications

References 22 publications

Enhanced and authenticated cipher block chaining mode

Enhanced and authenticated cipher block chaining mode

A Survey on Situational Awareness of Ransomware Attacks—Detection and Prevention Parameters

Mitigating Sodinokibi Ransomware Attack on Cloud Network Using Software-Defined Networking (SDN)

Contact Info

Product

Resources

About