摘要
Ransomware is a type of malicious software that blocks access to a computer by encrypting user’s files until a ransom is paid to the attacker.There have been several reported high-profile ransomware attacks including WannaCry,Petya,and Bad Rabbit resulting in losses of over a billion dollars to various individuals and businesses in the world.The analysis of ransomware is often carried out via sandbox environments;however,the initial setup and configuration of such environments is a challenging task.Also,it is difficult for an ordinary computer user to correctly interpret the complex results presented in the reports generated by such environments and analysis tools.In this research work,we aim to develop a user-friendly model to understand the taxonomy and analysis of ransomware attacks.Also,we aim to present the results of analysis in the form of summarized reports that can easily be understood by an ordinary computer user.Our model is built on top of the well-known Cuckoo sandbox environment for identification of the ransomware as well as generation of the summarized reports.In addition,for evaluating the usability and accessibility of our proposed model,we conduct a comprehensive user survey consisting of participants from various fields,e.g.,professional developers from software houses,people from academia(professors,students).Our evaluation results demonstrate a positive feedback of approximately 92%on the usability of our proposed model.
基金
support of Security Testing-Innovative Secured Systems Lab(ISSL)established at University of Engineering&Technology,Peshawar,Pakistan under the Higher Education Commission initiative of National Center for Cyber Security(Grant No.2(1078)/HEC/M&E/2018/707).
