Abstract
The focus of the paper is on providing insights on how ransomware have evolved from its starting till March 2016 by analyzing samples of selected ransomware variants from existing ransomware families in Windows and Android environments. Seventeen Windows and eight Android ransomware families were analyzed. For each ransomware family, at least, three variants belonging to the same family were compared. The analysis revealed that ransomware variants behave in a very similar manner, but use different payloads. Our analysis shows that there has been a significant improvement in encryption techniques used by ransomware. The experimental results in Windows environment demonstrate that detection of ransomware is possible by monitoring abnormal filesystem and registry activities. In Android environment, our analysis reveals that likelihood of ransomware attacks can be reduced by paying a closer attention to permissions requested by the Android applications.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
