Question

What is the main contribution include in the Ransomware?

Answer 1

First learn what is Ransomware?

Ransomware is a form of malware that blackmails its victim. The name “ransomware” comes from the ransom note asking its victim to pay some ransom in return for gaining back access to their data or device, or for the attacker not to divulge the victim’s embarrassing or compromising information. It usually spreads through malicious e-mail attachments, infected software apps, infected external storage devices or compromised websites. Unlike other types of malware which typically try to remain undetected, ransomware exposes itself at some stage of its execution in order to deliver the ransom demand to its victim. This demand is usually presented with a note that appears on the screen before or after the encryption occurs, outlining the threat and accompanied by a detailed set of instructions for making the payment, typically through a cryptocurrency.

Now main contribution :

The main contribution of this paper is a predictive model of ransomware stages, which came out from a study of 18 ransomware families by looking into Windows Application Programming Interface (API) function calls during each ransomware execution. Another contribution of this research focuses on querying and interviewing ransomware victims to find common factors between attacks, in order to be able to generate a more high-level understanding of ransomware deployment methods.

The rest of the paper is organised as follows. The "Ransomware overview" section provides a more in-depth look into ransomware, including its attack vectors, the way it may target user files, as well as an outline of related work, both in understanding ransomware and in combating it. The "Methodology" section outlines the two-pronged methodology used in our research, namely the development of a predictive model of ransomware deployment, and the user study to gain better understanding on ransomware deployment. The "Results, analysis and discussion" section presents the results of our research, in particular the predictive model of ransomware deployment involving the stages of ransomware deployment, leading to ideas for preventive action to deal with ransomware deployment threat effectively. The results from the user study are also summarised, analysed and discussed, shedding light into the ransomware victims’ perception and behaviour in the aftermath of a ransomware incident. All of these may contribute towards better techniques in combating ransomware. "Conclusion" section concludes our paper and presents some ideas for future work.

We developed a Methodology :

We developed a predictive model of ransomware, in our attempt to characterise all variants of each family of ransomware into one model. The process included the development of a classifier (to parse, classify and output graphs detailing the behavioural constructs of a ransomware), as well as creating a safe environment to analyse the ransomware samples.

In conjunction to this model, we carried out a user study to get a picture of ransomware deployment process.

I hop you like my Answer Thank you!!!