Synthesis of Evidence on Existing and Emerging Social Engineering Ransomware Attack Vectors

Bello, Abubakar; Maurushat, Alana

doi:10.4018/978-1-6684-5827-3.ch015

Cited by 5 publications

(6 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The trend towards using ransomware to exfiltrate and threaten the release of sensitive data, rather than just encrypting it, marked a significant evolution in ransomware's impact on data privacy and security [52], [53], [54]. Studies also noted the increasing use of social engineering tactics to facilitate ransomware infection, emphasizing the sophistication of attack methods [21], [55], [56]. The diversification of payment demands, including cryptocurrencies, was identified as a factor complicating the tracking and mitigation of ransomware incidents [1], [3].…”

Section: Ransomware Evolution and Trendsmentioning

confidence: 99%

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Xu,

Wang

2024

Preprint

View full text Add to dashboard Cite

This study introduces an innovative approach to ransomware detection on Windows operating systems by leveraging Generative Adversarial Networks (GANs) to analyze file system I/O Request Packet (IRP) operations. The proposed method demonstrates a significant improvement in identifying ransomware activities through the dynamic monitoring of IRP operations, distinguishing between benign and malicious behaviors with high accuracy. The research highlights the application of GANs as a powerful tool in cybersecurity, capable of adapting to evolving ransomware tactics without the need for predefined threat signatures. Through rigorous testing, the model showcased notable advancements over traditional detection methods, indicating its potential to enhance real-world cybersecurity defenses. The findings suggest a shift towards more adaptive, machine learning-based solutions for combating the increasing complexity of cyber threats.

show abstract

Section: Ransomware Evolution and Trendsmentioning

confidence: 99%

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Xu,

Wang

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Extensive studies have been conducted on various features of ransomware. One key aspect analyzed is the use of sophisticated fingerprinting methods by ransomware, which include time, date, language, and geolocation data, to tailor social engineering attacks [11,12]. For example, ransomware variants like Reveton and Cerber have been noted for customizing ransom notes in the victim's language, enhancing the efficacy of the scam [13,14,15,16].…”

Section: Ransomware Feature Studiesmentioning

confidence: 99%

Ransomware Detection with Opcode Analysis and GAN-Based Unsupervised Learning

Zhong,

Kang

2024

Preprint

View full text Add to dashboard Cite

This study introduces an innovative approach to ransomware detection utilizing opcode analysis combined with Generative Adversarial Networks (GANs). Focusing on the dynamic nature of modern ransomware threats, the research develops a method that leverages unsupervised learning to detect both known and novel ransomware variants. The study begins by examining the evolution of ransomware, from its initial focus on Windows-based systems to the current sophisticated attacks on various platforms. It then explores the implementation of a GAN-based model, capable of discerning ransomware through complex opcode patterns. Experimental results demonstrate the model's effectiveness across several ransomware families, with high accuracy, precision, recall, and F1-scores. The research further delves into the implications of advanced ransomware detection techniques, challenges in adapting to evolving ransomware strategies, the integration of AI in cybersecurity, and future directions in ransomware mitigation. This paper contributes significantly to the field of cybersecurity by providing an advanced, adaptable, and efficient tool for ransomware detection, marking a step forward in combating the increasing ransomware threat.

show abstract

“…These attacks manifest in two primary forms: cryptographic ransomware, which encrypts a victim's data and demands a ransom for its decryption [3], and data theft ransomware, involving the exfiltration of sensitive information, often coupled with threats of public release or further extortion [4,5]. Historically, these forms of ransomware have led to significant financial losses, operational disruptions, and severe breaches of privacy and data security [6,7]. Phishing emails have emerged as one of the most prevalent avenues for ransomware attacks (Figure 1) [8,9,10].…”

Section: Introductionmentioning

confidence: 99%

“…By intercepting these emails, cybersecurity professionals have a unique opportunity to analyze and understand the diverse and continuously evolving strategies employed by attackers [16]. This analysis is crucial in grasping the subtle and intricate tactics used, enabling the formulation of stronger defenses against the dual threats of encryption-based and data theft ransomware [7,4].…”

Section: Introductionmentioning

confidence: 99%

Semantic Analysis of Phishing Emails Leading to Ransomware with ChatGPT

Fujima,

Takeuchi,

Kumamoto

2023

Preprint

View full text Add to dashboard Cite

Ransomware attacks have rapidly emerged as crippling threats to organizational stability and business continuity. This study conducts an in-depth analysis of real-world phishing emails that often initiate ransomware deployments within companies. The key objectives encompass identifying psychological tricks, technical deceits and language anomalies commonly conveyed in such emails to better inform defensive strategies. Additionally, a ChatGPT-powered machine learning model is designed using natural language processing for automatically detecting ransomware phishing attempts. The findings reveal manipulative patterns regarding urgency triggers, security-related technical terminologies, and language inconsistencies that distinguish malicious emails from authentic communications. The model demonstrates high accuracy levels in categorizing phishing emails, serving as a swift automated layer of security against cunning ransomware infiltration.

show abstract

Synthesis of Evidence on Existing and Emerging Social Engineering Ransomware Attack Vectors

Cited by 5 publications

References 49 publications

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Examining Windows File System IRP Operations with Machine Learning for Ransomware Detection

Ransomware Detection with Opcode Analysis and GAN-Based Unsupervised Learning

Semantic Analysis of Phishing Emails Leading to Ransomware with ChatGPT

Contact Info

Product

Resources

About