Ransomware Analysis using Cyber Kill Chain

Ali Mirza, Qublai Khan ORCID: 0000-0003-3403-2935, Brown, Martin, Halling, Oliver, Shand, Louie and Alam, Abu (2021) Ransomware Analysis using Cyber Kill Chain. In: 2021 8th International Conference on Future Internet of Things and Cloud (FiCloud). IEEE Xplore, pp. 58-65. ISBN 978-1-6654-2575-9

Text (Peer Reviewed Version)
10769 Ali MIrza et al (2021) Ransomware-Analysis-using-Cyber-Kill-Chain.pdf - Accepted Version
Restricted to Repository staff only
Available under License All Rights Reserved.

Abstract

The havoc caused by ransomware in the recent past is far greater than that caused by any other form of malware. Victims of this specific form of malware include, but are not limited to, SMEs, large organizations, and government infrastructure. Most of this ransomware exploits zero-day vulnerabilities and quite easily bypasses conventional security mechanisms, which means even modern security mechanisms are surpassed by these weaponised pieces of code. This paper presents a thorough analysis of four different and quite lethal ransomware: Petya, Mamba, Cerber, and WannaCry. The unique and common features of these four malware were identified by implementing Cyber Kill Chain phases. The common features extracted from this ransomware can be used to train analysts to identify a ransomware attack in its early stages and block any damage it can cause, thus providing future analysts with features to identify and enabling a more proactive and apt response when dealing with future malware threats.

Item Type: Book Section
Article Type: Article
Uncontrolled Keywords: Ransomware; Malware Analysis; Cyber Kill Chain; Cyber-Attack Modelling; Reverse Engineering
Subjects: H Social Sciences > HV Social pathology. Social and public welfare. Criminology. > HV6001 Criminology > HV6251 Crimes and offences
Q Science > QA Mathematics > QA76 Computer software
Divisions: Schools and Research Institutes > Gloucestershire Business School
Research Priority Areas: Applied Business & Technology
Depositing User: Kate Greenaway
Date Deposited: 03 Mar 2022 12:14
Last Modified: 03 Mar 2022 12:15
URI: https://eprints.glos.ac.uk/id/eprint/10769
