Litcius/Paper detail

SALAM Ransomware Behavior Analysis Challenges and Decryption

Bahaa Yamany, Marianne A. Azer

202112 citationsDOI

Abstract

Malware attacks the CIA Triad of security: Confidentiality, integrity, availability. Some malwares work autonomously, whereas some others need a host. Ransomware is a type of malware that holds files, devices, and other important assets hostage in exchange for money. Damage these days is not limited to file loss; it can extend to denial of services, disclosure of private data such as intellectual property and personnel information. Ransomwares are getting sophisticated; evolving from using malicious websites having payloads used in targeted campaigns. These attacks are called Advanced Persistent Threats (APTs). This paper focuses on Ransomware types, malware analysis approaches used in detecting Ransomware behavior, and the way it affects the business of an organization. Salam Ransomware behavior in experimental lab simulation and understand the decryption mechanism used by this Ransomware Family and how to break the decryption algorithm used by Salam Ransomware.

Topics & Concepts

RansomwareMalwareComputer securityComputer scienceMalware analysisConfidentialityAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSpam and Phishing Detection