Ransomware Attack as Hardware Trojan: A Feasibility and Demonstration Study

Almeida, Felipe; Imran, Malik; Raik, Jaan; Pagliarini, Samuel

doi:10.1109/access.2022.3168991

Cited by 10 publications

(16 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Later campaigns like WannaCry (2017) and DarkSide (2020) took advantage of unpatched software vulnerabilities to propagate quickly across networks in worm-like fashion [34,35,21]. These marked a shift towards "big game hunting", targeting victims with deeper pockets through manual, lateral movement techniques post-intrusion [24,36]. Attackers eventually realized that data encryption alone was an inadequate extortion tactic.…”

Section: Ransomware Evolutionmentioning

confidence: 99%

“…However, advanced evasion techniques like polymorphism, metamorphism, and antisandbox checks allow threats to avoid triggering alerts [30,46]. Attackers now operate slowly and stealthily, conducting extensive internal reconnaissance over months before staging data and launching encryption [36,13]. Hence, existing defenses have largely only managed to capture threats post-breach as opposed to preventing breaches entirely [31,33].…”

Section: Ransomware Detectionmentioning

confidence: 99%

See 1 more Smart Citation

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Liu,

Chen

2023

Preprint

View full text Add to dashboard Cite

This study introduces an advanced decoy file strategy utilizing Generative Adversarial Networks (GANs) to combat data exfiltration ransomware threats. Focused on creating highly realistic decoy documents, the system embeds these across enterprise networks, engaging ransomware threats effectively. It includes real-time monitoring for abnormal interactions and proactive response mechanisms for threat containment. Rigorous testing against various ransomware samples demonstrated high engagement rates and rapid response times, confirming the system's effectiveness. Integration across diverse network types was achieved with minimal operational overhead. This study highlights the system's adaptability in the face of evolving ransomware tactics and underscores the balance between decoy realism and deployability.

show abstract

Section: Ransomware Evolutionmentioning

confidence: 99%

Section: Ransomware Detectionmentioning

confidence: 99%

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Liu,

Chen

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Extensive studies have been conducted on various features of ransomware. One key aspect analyzed is the use of sophisticated fingerprinting methods by ransomware, which include time, date, language, and geolocation data, to tailor social engineering attacks [11,12]. For example, ransomware variants like Reveton and Cerber have been noted for customizing ransom notes in the victim's language, enhancing the efficacy of the scam [13,14,15,16].…”

Section: Ransomware Feature Studiesmentioning

confidence: 99%

Ransomware Detection with Opcode Analysis and GAN-Based Unsupervised Learning

Zhong,

Kang

2024

Preprint

View full text Add to dashboard Cite

This study introduces an innovative approach to ransomware detection utilizing opcode analysis combined with Generative Adversarial Networks (GANs). Focusing on the dynamic nature of modern ransomware threats, the research develops a method that leverages unsupervised learning to detect both known and novel ransomware variants. The study begins by examining the evolution of ransomware, from its initial focus on Windows-based systems to the current sophisticated attacks on various platforms. It then explores the implementation of a GAN-based model, capable of discerning ransomware through complex opcode patterns. Experimental results demonstrate the model's effectiveness across several ransomware families, with high accuracy, precision, recall, and F1-scores. The research further delves into the implications of advanced ransomware detection techniques, challenges in adapting to evolving ransomware strategies, the integration of AI in cybersecurity, and future directions in ransomware mitigation. This paper contributes significantly to the field of cybersecurity by providing an advanced, adaptable, and efficient tool for ransomware detection, marking a step forward in combating the increasing ransomware threat.

show abstract

“…Financial gain is one of the primary motivations behind ransomware attacks on transportation systems. Transportation systems are interesting targets because they frequently manage significant quantities of sensitive data and play a vital part in people's everyday lives [43]. Ransomware is used by attackers to encrypt crucial data and demand money in exchange for the decryption key; it may be a profitable source of cash for hackers.…”

Section: Motivating Factors Of Ransomware Attacks On Transportation S...mentioning

confidence: 99%

Modus Operandi, Factors, Implications and Governance of Ransomware Attacks on Transportation Systems

Mohamad,

Yan,

Aziz

et al. 2024

Atlantis Highlights in Social Sciences, Education and Humanities

View full text Add to dashboard Cite

An efficient transportation system provides numerous benefits to people, businesses, and the larger community, including effective transportation of people and goods, enhanced economic growth, less congestion and travel time, improved access to education and healthcare and other benefits. The digital revolution has transformed the transportation sector, making it more efficient, sustainable, and customer centric. As public transit networks grow increasingly digital, so does the possibility of cyberattacks, one of the common attacks being ransomware, which could cause severe repercussions, leading to service disruptions and putting people at risk. Engaging in document review and paper analysis of past literature and government documents, this paper investigates the modus operandi, factors, implications, and governance of ransomware attacks on the transportation system. The study found various factors that motivate ransomware in transportation systems such as financial gain, service disruption, espionage, and political motivations. This further leads to various implications such as disruption of the normal operation of public transportation networks, financial losses, loss of vital data, harm to health and safety of users, degradation of the reputation of public transportation networks, as well as legal and regulatory repercussions. In Malaysia, ransomware is governed by Section 5 of Computer Crimes Act 1997 for unauthorised modification, Penal Code's Sections 378 for theft, 420 for deception, and 506 for criminal intimidation, as well as relevant provisions of the Personal Data Protection Act of 2010. The study is expected to contribute to the body of literature on ransomware and cybersecurity in the context of transportation systems.

show abstract

Ransomware Attack as Hardware Trojan: A Feasibility and Demonstration Study

Cited by 10 publications

References 30 publications

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Ransomware Detection with Opcode Analysis and GAN-Based Unsupervised Learning

Modus Operandi, Factors, Implications and Governance of Ransomware Attacks on Transportation Systems

Contact Info

Product

Resources

About