In-Depth Analysis of Ransom Note Files

During recent years, many papers have been published on ransomware, but to the best of our knowledge, no previous academic studies have been conducted on ransom note files. In this paper, we present the results of a depth study on filenames and the content of ransom files. We propose a prototype to...

Bibliographic Details
Main authors: Yassine Lemmou, Jean-Louis Lanet, El Mamoun Souidi
Format: article
Language: EN
Published: MDPI AG 2021
Subjects:
Online access: https://doaj.org/article/e756da32a7414a7c82e55cda912082ec
id oai:doaj.org-article:e756da32a7414a7c82e55cda912082ec
record_format dspace
spelling oai:doaj.org-article:e756da32a7414a7c82e55cda912082ec
2021-11-25T17:17:26Z
In-Depth Analysis of Ransom Note Files
10.3390/computers10110145
2073-431X
https://doaj.org/article/e756da32a7414a7c82e55cda912082ec
2021-11-01T00:00:00Z
https://www.mdpi.com/2073-431X/10/11/145
https://doaj.org/toc/2073-431X
Computers, Vol 10, Iss 145, p 145 (2021)
institution DOAJ
collection DOAJ
language EN
topic ransomware
ransom note file
detection
identification
Latent Semantic Analysis
Machine Learning
Electronic computers. Computer science
QA75.5-76.95
description During recent years, many papers have been published on ransomware, but to the best of our knowledge, no previous academic studies have been conducted on ransom note files. In this paper, we present the results of a depth study on filenames and the content of ransom files. We propose a prototype to identify the ransom files. Then we explore how the filenames and the content of these files can minimize the risk of ransomware encryption of some specified ransomware or increase the effectiveness of some ransomware detection tools. To achieve these objectives, two approaches are discussed in this paper. The first uses Latent Semantic Analysis (LSA) to check similarities between the contents of files. The second uses some Machine Learning models to classify the filenames into two classes—ransom filenames and benign filenames.
format article
author Yassine Lemmou
Jean-Louis Lanet
El Mamoun Souidi
title In-Depth Analysis of Ransom Note Files
publisher MDPI AG
publishDate 2021
url https://doaj.org/article/e756da32a7414a7c82e55cda912082ec