Abstract

Ransomware is a dangerous malware that blocks access to data through encryption, and it exploits device vulnerabilities to perform chain attacks from one system to another. This study results in modeling the threat of ransomware attacks using Bayesian Network. The structure of the model is created using device vulnerabilities that can be exploited. As the basis for calculating the probability of the model, the EPSS vulnerability score is used. The risk exposure rating is calculated through the joint probability distribution formulation based on attack scenarios. Our model shows that ransomware attacks are most likely to exploit the chain of vulnerabilities CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-36942, and CVE-2017-0144 which has a probability value of 0.046534. In addition, the use of the EPSS also makes the risk assessment more factual, accurate, and effective. The threat modeling method can help in identifying ransomware attacks through a chain of vulnerabilities, making risk assessment more precise.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Radiation Oncology Ransomware Attack Response Risk Analysis Using Failure Modes and Effects Analysis
Yevgeniy Vinogradskiy ... James Lamb
Practical Radiation Oncology | VOL. 14
Yevgeniy Vinogradskiy, et. al.Yevgeniy Vinogradskiy ... James Lamb
01 Mar 2024
Digital hostages: Leveraging ransomware attacks in cyberspace
Megan Wade
Business Horizons | VOL. 64
Megan WadeMegan Wade
31 Jul 2021
Deception in double extortion ransomware attacks: An analysis of profitability and credibility
Tom Meurs ... Abhishta Abhishta
Computers & Security | VOL. 138
Tom Meurs, et. al.Tom Meurs ... Abhishta Abhishta
21 Dec 2023
Ransomware Security Threat Modeling for Photovoltaic Systems
Ying Su ... Taesic Kim
-
Ying Su, et. al.Ying Su ... Taesic Kim
08 Nov 2021
View more papers

More From: Digital Zone: Jurnal Teknologi Informasi dan Komunikasi

Paper Title
Journal
Date
Author
Implementasi Teknologi Blockchain dalam Aplikasi E-Voting Berbasis Mobile
Setiawan Restu Aji ... Wahyuningdiah Trisari Harsanti Putri
Digital Zone: Jurnal Teknologi Informasi dan Komunikasi | VOL. 14
Setiawan Restu Aji, et. al.Setiawan Restu Aji ... Wahyuningdiah Trisari Harsanti Putri
01 Dec 2023
Constellation of Football Players Determination Based on Cost and Performance History Using the K-Means Clustering
Eko Prasetyo ... Almendaris Shandy Priyatama
Digital Zone: Jurnal Teknologi Informasi dan Komunikasi | VOL. 14
Eko Prasetyo, et. al.Eko Prasetyo ... Almendaris Shandy Priyatama
30 Nov 2023
Bibliometric Study : Rainfall Classification - Prediction using Machine Learning Methods
Ozzy Secio Riza ... Ari Nuryadi
Digital Zone: Jurnal Teknologi Informasi dan Komunikasi | VOL. 14
Ozzy Secio Riza, et. al.Ozzy Secio Riza ... Ari Nuryadi
30 Nov 2023
Penerapan Teknologi Augmented Reality Sebagai Media Promosi Sepatu
Muhammad Khoirul Anam ... Yuli Asriningtias
Digital Zone: Jurnal Teknologi Informasi dan Komunikasi | VOL. 14
Muhammad Khoirul Anam, et. al.Muhammad Khoirul Anam ... Yuli Asriningtias
30 Nov 2023
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.