Abstract
Originating and striking from anywhere, cyber-attacks have become ever more sophisticated in our modern society and users are forced to adopt increasingly good and vigilant practices to protect from them. Among these, ransomware remains a major cyber-attack whose major threat to end users (disrupted operations, restricted files, scrambled sensitive data, financial demands, etc.) does not particularly lie in number but in severity. In this study we explore the possibility of real-time detection of ransomware source through a linguistic analysis that examines machine translation relative to the Levenshtein Distance and may thereby provide important indications as to attacker’s language of origin. Specifically, the aim of our research is to advance a metric to assist in determining whether an external ransom text is an indicator of either a human- or a machine-generated cyber-attack. Our proposed method works its argument on a set of Eastern European languages but is applicable to a large(r) range of languages and/or probabilistic patterns, being characterized by usage of limited resources and scalability properties.
Highlights
The recent COVID-19 pandemic has determined an upsurge of remote work that has increased both companies’ and end users’ exposure to various cyber-attacks
We can capture the text in order to establish a profile against which an unrecognized text can be checked and subject it to the ABA test mentioned above in order to ascertain the original language of the probable cyberattack
In order to be able to distinguish Google Translate (GT) for the translation, we look for a subset of the test items where the separation factor is greatest
Summary
The recent COVID-19 pandemic has determined an upsurge of remote work that has increased both companies’ and end users’ exposure to various cyber-attacks. This has complicated an already existing landscape of risks associated with hacking and cyberattacks that the exponential advancement in technologies has brought about. Ransomware represents a subset of cryptovirology malware that threatens to release and expose the victim's personal information or to permanently disable access to that data until a certain ransom is paid. Whereas some ransomware is designed to lock the system in such a way that it is reversible, more advanced malware employs techniques such as cryptoviral blackmail that encrypts the victim's data, rendering them unusable, and demands payment for their decryption [9]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
