Michael D. Logothetis scite author profile

Modern day ransomware families implement sophisticated encryption and propagation schemes, thus limiting chances to recover the data almost to zero. We investigate the use of software-defined networking (SDN) to detect and mitigate advanced ransomware threat. We present our ransomware analysis results and our developed SDN-based security framework. For the proof of concept, the infamous WannaCry ransomware was used. Based on the obtained results, we design an SDN detection and mitigation framework and develop a solution based on OpenFlow. The developed solution detects suspicious activities through network traffic monitoring and blocks infected hosts by adding flow table entries into OpenFlow switches in a real-time manner. Finally, our experiments with multiple samples of WannaCry show that the developed mechanism in all cases is able to promptly detect the infected machines and prevent WannaCry from spreading.

show abstract

Performance behaviour of IEEE 802.11 distributed coordination function

Vardakas

Sidiropoulos

Logothetis

2008

IET Circuits Devices Syst.

View full text Add to dashboard Cite

WannaCry Ransomware: Analysis of Infection, Persistence, Recovery Prevention and Propagation Mechanisms

Akbanov

Logothetis

2019

JTIT

View full text Add to dashboard Cite

In recent years, we have been experiencing fast proliferation of diﬀerent types of ransomware targeting home users, companies and even critical telecommunications infrastructure elements. Modern day ransomware relies on sophisticated infection, persistence and recovery prevention mechanisms. Some recent examples that received signiﬁcant attention include WannaCry, Petya and BadRabbit. To design and develop appropriate defense mechanisms, it is important to understand the characteristics and the behavior of diﬀerent types of ransomware. Dynamic analysis techniques are typically used to achieve that purpose, where the malicious binaries are executed in a controlled environment and are then observed. In this work, the dynamic analysis results focusing on the infamous WannaCry ransomware are presented. In particular, WannaCry is examined, during its execution in a purpose-built virtual lab environment, in order to analyze its infection, persistence, recovery prevention and propagation mechanisms. The results obtained may be used for developing appropriate detection and defense solutions for WannaCry and other ransomware families that exhibit similar behaviors

show abstract

Performance Evaluation of a C-RAN Supporting Quasi-Random Traffic

Chousainov

Moscholios

Kaloxylos

et al. 2019

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.