Blacklist vs. Whitelist-Based Ransomware Solutions

The COVID-19 pandemic has witnessed a huge surge in the number of ransomware attacks. Different institutions such as healthcare, financial, and government have been targeted. There can be numerous reasons for such a sudden rise in attacks, but it appears working remotely in home-based environments (which is less secure compared to traditional institutional networks) could be one of the reasons. Cybercriminals are constantly exploring different approaches like social engineering attacks, such as phishing attacks, to spread ransomware. Hence, in this paper, we explored recent advances in ransomware prevention and detection and highlighted future research challenges and directions. We also carried out an analysis of a few popular ransomware samples and developed our own experimental ransomware, AESthetic, that was able to evade detection against eight popular antivirus programs.

show abstract

“…(2018) ; Genç et al. (2018) ; Kim and Lee (2020) ; McIntosh et al. (2021) ; Parkinson (2017) Data Backup Continella et al.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Kim and Lee Kim and Lee (2020) proposed an access control list that whitelists specific programs for each file type. Only whitelisted programs are allowed to access files.…”

Section: Literature Reviewmentioning

confidence: 99%

Ransomware: Recent advances, analysis, challenges and future research directions

Beaman

Barkworth

Akande

et al. 2021

Computers & Security

132

View full text Add to dashboard Cite

show abstract

“…He proposed implementing least privilege and separation of duties through role-based access control; restricting data access as far up the directory hierarchy as possible; and routinely auditing permissions and roles. Kim and Lee (2020) [7] proposed an access control list that whitelists specific programs for each file type. Only whitelisted programs are allowed to access files.…”

Section: Related Literaturementioning

confidence: 99%

Security Measures Against Malware, Botnets & Ransomware

Attoh¹

2022

AIMS Research Publication

View full text Add to dashboard Cite

Phone: +233574346850 The COVID-19 pandemic has witnessed a huge surge in the number of malware and ransomware attacks. Different institutions such as healthcare, financial, and government have been targeted. There can be numerous reasons for such a sudden rise in attacks, but it appears working remotely in home-based environments (which is less secure compared to traditional institutional networks) could be one of the reasons. Cybercriminals are constantly exploring different approaches like social engineering attacks, such as phishing attacks, to spread ransomware. Hence, in this paper, I explored recent advances in ransomware prevention and detection and highlighted future research challenges and directions. Keywords: Ransomware, Cybersecurity, Antivirus, Malware, Ransomware prevention, COVID-19, Ransomware detection BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security & Forensics. Open Access. Distributed Free Citation: Joseph Antwi Attoh (2022): Security Measures Against Malware, Botnets & Ransomware Book Chapter Series on Research Nexus in IT, Law, Cyber Security & Forensics. Pp 345-352 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P55

show abstract

“…Kim et al [24] also published the results of their research on the subject in 2020. On the one hand, it also numerically describes that 70% of cyberattacks were committed by ransomware attacks as early as 2017, and that this rate has only drastically risen since then.…”

Section: State-of-the-art Research In Ransomware-type Cyberthreatsmentioning

confidence: 99%

Introduction of the ARDS—Anti-Ransomware Defense System Model—Based on the Systematic Review of Worldwide Ransomware Attacks

2021

View full text Add to dashboard Cite

We live in a world of digital information communication and digital data storage. Following the development of technology, demands from the user side also pose serious challenges for developers, both in the field of hardware and software development. However, the increasing penetration of the Internet, IoT and digital solutions that have become available in almost every segment of life, carries risks as well as benefits. In this study, the authors present the phenomenon of ransomware attacks that appear on a daily basis, which endangers the operation and security of the digital sphere of both small and large enterprises and individuals. An overview of ransomware attacks, the tendency and characteristics of the attacks, which have caused serious financial loss and other damages to the victims, are presented. This manuscript also provides a brief overview of protection against ransomware attacks and the software and hardware options that enhance general user security and their effectiveness as standalone applications. The authors present the results of the study, which aimed to explore how the available software and hardware devices can implement digital user security. Based on the results of the research, the authors propose a complex system that can be used to increase the efficiency of network protection and OS protection tools already available to improve network security, and to detect ransomware attacks early. As a result, the model of the proposed protection system is presented, and it can be stated that the complex system should be able to detect ransomware attacks from either the Internet or the internal network at an early stage, mitigate malicious processes and maintain data in recoverable state.

show abstract

Blacklist vs. Whitelist-Based Ransomware Solutions

Cited by 19 publications

References 1 publication

Ransomware: Recent advances, analysis, challenges and future research directions

Ransomware: Recent advances, analysis, challenges and future research directions

Security Measures Against Malware, Botnets & Ransomware

Introduction of the ARDS—Anti-Ransomware Defense System Model—Based on the Systematic Review of Worldwide Ransomware Attacks

Contact Info

Product

Resources

About