Experimental Analysis of Ransomware on Windows and Android Platforms: Evolution and Characterization | Zendy

Monika Monika | Zendy; Pavol Zavarsky | Zendy; Dale Lindskog | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Experimental Analysis of Ransomware on Windows and Android Platforms: Evolution and Characterization

Author(s) -

Monika Monika,

Pavol Zavarsky,

Dale Lindskog

Publication year - 2016

Publication title -

procedia computer science

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.334

H-Index - 76

ISSN - 1877-0509

DOI - 10.1016/j.procs.2016.08.072

Subject(s) - ransomware , android (operating system) , computer science , android application , operating system , computer security , malware

The focus of the paper is on providing insights on how ransomware have evolved from its starting till March 2016 by analyzing samples of selected ransomware variants from existing ransomware families in Windows and Android environments. Seventeen Windows and eight Android ransomware families were analyzed. For each ransomware family, at least, three variants belonging to the same family were compared. The analysis revealed that ransomware variants behave in a very similar manner, but use different payloads. Our analysis shows that there has been a significant improvement in encryption techniques used by ransomware. The experimental results in Windows environment demonstrate that detection of ransomware is possible by monitoring abnormal filesystem and registry activities. In Android environment, our analysis reveals that likelihood of ransomware attacks can be reduced by paying a closer attention to permissions requested by the Android applications.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research