Work place: Gdańsk University of Technology/Electronics, Telecommunications & Informatics, Gdańsk, 80-233, Poland
Research Interests: Computer systems and computational processes, Artificial Intelligence, Robotics, Computer Networks, Data Structures and Algorithms
Luckson Simukonda is currently pursuing a master's degree in Control Engineering and Robotics at Gdańsk University of Technology, in the Faculty of Electronics, Telecommunications and Informatics. He holds a Bachelor's degree in Computer Science from Mulungushi University, awarded in 2015. His research interests are Artificial Intelligence and Robotics, and Computer Networks and Security.
DOI: https://doi.org/10.5815/ijitcs.2018.01.05, Pub. Date: 8 Jan. 2018
Crypto ransomware has earned an infamous reputation in the malware landscape, and the mere mention of it unsettles many despite its being a new entrant. The media has not helped matters, as the myths and inaccuracies surrounding crypto ransomware continue to deepen. It has been purported that once crypto ransomware attacks, the victim is left with no option but to pay in order to retrieve the encrypted data, with no guarantee of recovery, or risk losing the data forever. Security researchers are inadvertently thrown into a cat-and-mouse chase to keep up with the latest vices of this malware in order to provide data resilience. In this paper, we debunk the myths surrounding loss of data via a crypto ransomware attack. Using a variety of crypto ransomware samples, we employ reverse engineering and dynamic analysis to evaluate the underlying attack structures and data deletion techniques employed by the ransomware. Further, we expose the data deletion techniques used by ransomware to prevent data recovery and suggest how they could be countered. From the results, we further present observed sandbox evasion techniques that ransomware employs against both static and dynamic analysis in an effort to obfuscate its operations and subsequently prevent data recovery. Our analyses have led us to the conclusion that no matter how devastating a crypto ransomware attack might appear, the key to data recovery options lies in the underlying attack structure and the implemented data deletion methodology.[...]