{"title":"Wannacry勒索软件及其检测研究","authors":"M. S. Kumar, J. Ben-othman, K. .. Srinivasagan","doi":"10.1109/ISCC.2018.8538354","DOIUrl":null,"url":null,"abstract":"The technological advancement has been accompanied with many issues to the information: security, privacy, and integrity. Malware is one of the security issues that threaten computer system. Ransomware is a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. This paper investigates the intrusion of WannaCry ransomware and the possible detection of the ransomware using static and dynamic analysis. From the analysis, the features of the malware were extracted and detection has been done using those features. The intrusion detection technique used here in this study is Yara-rule based detection which involves an attempt to define a set of rules which comprises of unique strings which is decoded from the wannacry file.","PeriodicalId":233592,"journal":{"name":"2018 IEEE Symposium on Computers and Communications (ISCC)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":"{\"title\":\"An Investigation on Wannacry Ransomware and its Detection\",\"authors\":\"M. S. Kumar, J. Ben-othman, K. .. Srinivasagan\",\"doi\":\"10.1109/ISCC.2018.8538354\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The technological advancement has been accompanied with many issues to the information: security, privacy, and integrity. Malware is one of the security issues that threaten computer system. Ransomware is a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. This paper investigates the intrusion of WannaCry ransomware and the possible detection of the ransomware using static and dynamic analysis. From the analysis, the features of the malware were extracted and detection has been done using those features. The intrusion detection technique used here in this study is Yara-rule based detection which involves an attempt to define a set of rules which comprises of unique strings which is decoded from the wannacry file.\",\"PeriodicalId\":233592,\"journal\":{\"name\":\"2018 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"21\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC.2018.8538354\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2018.8538354","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Investigation on Wannacry Ransomware and its Detection
The technological advancement has been accompanied with many issues to the information: security, privacy, and integrity. Malware is one of the security issues that threaten computer system. Ransomware is a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. This paper investigates the intrusion of WannaCry ransomware and the possible detection of the ransomware using static and dynamic analysis. From the analysis, the features of the malware were extracted and detection has been done using those features. The intrusion detection technique used here in this study is Yara-rule based detection which involves an attempt to define a set of rules which comprises of unique strings which is decoded from the wannacry file.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
