Interdisciplinary Research Group in Socio-technical CybersecurityDual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence IntelligenceZiya Alper Genç, Gabriele LenziniAbstract:Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and … Continued

Interdisciplinary Research Group in Socio-technical CybersecuritySecurity Analysis of Key Acquiring Strategies Used by Cryptographic RansomwareGenç Ziya Alper, Lenzini Gabriele, Ryan Peter Abstract:To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityNo Random, No Ransom: A Key to Stop Cryptographic RansomwareZiya Alper Genç, Gabriele Lenzini, Peter Y. A. RyanAbstract:To be effective, ransomware has to implement strong encryption, and strong encryption in turn requires a good source of random numbers. Without access to true randomness, ransomware relies on the pseudo random number … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityNext Generation Cryptographic RansomwareZiya Alper Genç, Gabriele Lenzini, Peter Y. A. RyanAbstract:We are assisting at an evolution in the ecosystem of cryptoware - the malware that encrypts files and makes them unavailable unless the victim pays up. New variants are taking the place once dominated by older versions; incident reports … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityCase Study: Analysis and Mitigation of a Novel Sandbox-Evasion TechniqueZiya Alper Genç, Gabriele Lenzini, Daniele SgandurraAbstract:Malware is one of the most popular cyber-attack methods in the digital world. According to the independent test company AV-TEST, 350,000 new malware samples are created every day. To analyze all samples by hand to … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityOn Deception-Based Protection Against Cryptographic RansomwareZiya Alper Genç, Gabriele Lenzini, Daniele SgandurraAbstract:In order to detect malicious file system activity, some commercial and academic anti-ransomware solutions implement deception-based techniques, specifically by placing decoy files among user files. While this approach raises the bar against current ransomware, as any access to a … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityNoCry: No More Secure Encryption Keys for Cryptographic RansomwareZiya Alper Genç, Gabriele Lenzini, Peter Y. A. RyanAbstract:Since the appearance of ransomware in the cyber crime scene, researchers and anti-malware companies have been offering solutions to mitigate the threat. Anti-malware solutions differ on the specific strategy they implement, and all have … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityA Game of “Cut and Mouse”: Bypassing Antivirus by Simulating User InputsZiya Alper Genç, Gabriele Lenzini, Daniele Sgandurra Abstract: To protect their digital assets from malware attacks, most users and companies rely on anti-virus (AV) software. But AVs' protection is a full-time task and AVs are engaged in a cat-and-mouse … Continued