Ransomware-Resilient Self-Healing XML Documents

Al-Dwairi, Mahmoud; Shatnawi, Ahmed S.; Al-Khaleel, Osama; Al-Duwairi, Basheer

doi:10.3390/fi14040115

Cited by 7 publications

(3 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The result of this effort is the creation of a decryption key for recovering files held by the ransomware without the need to obtain the attacker's RSA private key or pay a ransom to the attacker. A very recent recovery method is the novel framework proposed as an efficient technique for recovering XML documents that have been compromised by ransomware attack (Al-Dwairi et al, 2022). The approach uses the concepts of links to support the distributed storage of different versions of the same file.…”

Section: Prevention Mitigation and Recovery Strategiesmentioning

confidence: 99%

Trends and Future Directions in Automated Ransomware Detection

Jegede

Fadele²,

Onoja³

et al. 2022

JCSI

View full text Add to dashboard Cite

Ransomware attacks constitute major security threats to personal and corporate data and information. A successful ransomware attack results in significant security and privacy violations with attendant financial losses and reputational damages to owners of computer-based resources. This makes it imperative for accurate, timely and reliable detection of ransomware. Several techniques have been proposed for ransomware detection and each technique has its strengths and limitations. The aim of this paper is to discuss the current trends and future directions in automated ransomware detection. The paper provides a background discussion on ransomware as well as historical background and chronology of ransomware attacks. It also provides a detailed and critical review of recent approaches to ransomware detection, prevention, mitigation and recovery. A major strength of the paper is the presentation of the chronology of ransomware attacks from its inception in 1989 to the latest attacks occurring in 2021. Another strength of the study is that a large proportion of the studies reviewed were published between 2015 and 2022. This provides readers with an up-to-date knowledge of the state-of-the-art in ransomware detection. It also provides insights into advances in strategies for preventing, mitigating and recovering from ransomware attacks. Overall, this paper presents researchers with open issues and possible research problems in ransomware detection, prevention, mitigation and recovery.

show abstract

Section: Prevention Mitigation and Recovery Strategiesmentioning

confidence: 99%

Trends and Future Directions in Automated Ransomware Detection

Jegede

Fadele²,

Onoja³

et al. 2022

JCSI

View full text Add to dashboard Cite

show abstract

“…It is then used to decrypt the files and folders encrypted by ransomware. SH-VARR is a framework developed by Al-Dwairi et al [18], which utilizes the link concept to protect any XML document from being encrypted or deleted during a ransomware attack.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Ransomware Detection for Windows Platform Using Machine Learning Classifiers

Park

Razak

2022

JOIV : Int. J. Inform. Visualization

View full text Add to dashboard Cite

In this world of growing technological advancements, ransomware attacks are also on the rise. This threat often affects the finance of individuals, organizations, and financial sectors. In order to effectively detect and block these ransomware threats, the dynamic analysis strategy was proposed and carried out as the approach of this research. This paper aims to detect ransomware attacks with dynamic analysis and classify the attacks using various machine learning classifiers namely: Random Forest, Naïve Bayes, J48, Decision Table and Hoeffding Tree. The TON IoT Datasets from the University of New South Wales' (UNSW) were used to capture ransomware attack features on Windows 7. During the experiment, a testbed was configured with numerous virtual Windows 7 machines and a single attacker host to carry out the ransomware attack. A total of 77 classification features are selected based on the changes before and after the attack. Random Forest and J48 classifiers outperformed other classifiers with the highest accuracy results of 99.74%. The confusion matrix highlights that both Random Forest and J48 classifiers are able to accurately classify the ransomware attacks with the AUC value of 0.997 respectively. Our experimental result also suggests that dynamic analysis with machine learning classifier is an effective solution to detect ransomware with the accuracy percentage exceeds 98%.

show abstract

“…Current solutions against ransomware do not cover all possible risks of data loss. In this article [ 16 ], the authors try to address this aspect and provide an effective solution that ensures efficient recovery of XML documents after ransomware attacks.…”

mentioning

confidence: 99%