Abstract
Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls.
| Original language | English |
|---|---|
| Pages (from-to) | 44-51 |
| Number of pages | 8 |
| Journal | Journal of Information Security and Applications |
| Volume | 40 |
| DOIs | |
| State | Published - Jun 2018 |
Bibliographical note
Publisher Copyright:© 2018 Elsevier Ltd
Keywords
- Cryptovirology
- Cybersecurity
- Intrusion detection
- Malware
- Ransomware
- Win/32
ASJC Scopus subject areas
- Software
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications