![]() Both quantitative and qualitative data were collected through questionnaires and in-depth interviews. ![]() Furthermore, we carried out a study on how potential victims (individuals, as well as IT support staff at universities and SMEs) detect that ransomware was being deployed on their machine, what steps they took to investigate the incident, and how they responded to the attack. Analysing the samples gathered for the predictive model provided an insight into the stages and timeline of ransomware execution. The stages are fingerprint, propagate, communicate, map, encrypt, lock, delete and threaten. The categorisation was done in respect to the stages of ransomware deployment methods with a predictive model we developed called Randep. This paper aims to address this challenge by carrying out an investigation on 18 families of ransomware, leading to a model for categorising ransomware behavioural characteristics, which can then be used to improve detection and handling of ransomware incidents. Therefore, in order to combat ransomware, we need a better understanding on how ransomware is being deployed, its characteristics, as well as how potential victims may react to ransomware incidents. ![]() The number of ransomware variants is also increasing, which means signature and heuristic-based detection techniques are becoming harder to achieve, due to the ever changing pattern of ransomware attack vectors. Ransomware incidents have increased dramatically in the past few years.
0 Comments
Leave a Reply. |