A User-friendly Model for Ransomware Analysis Using Sandboxing

作     者：Akhtar Kamal Morched Derbali Sadeeq Jan Javed Iqbal Bangash Fazal Qudus Khan Houssem Jerbi Rabeh Abbassi Gulzar Ahmad 

作者机构：Department of Computer Science&Information TechnologyNational Center for Cyber SecurityUniversity of Engineering&TechnologyPeshawar25120Pakistan Department of Information TechnologyFaculty of Computing and Information TechnologyKing Abdulaziz UniversityJeddah21589Saudi Arabia Institute of Computer Sciences and Information Technology(ICS/IT)University of AgriculturePeshawar25130Pakistan Department of Industrial/Electrical EngineeringCollege of EngineeringUniversity of Ha’ilHail1234Saudi Arabia Department of Electrical EngineeringUniversity of Engineering&TechnologyPeshawar25120Pakistan 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2021年第67卷第6期

页      面：3833-3846页

核心收录：

学科分类：0839[工学-网络空间安全] 08[工学] 081201[工学-计算机系统结构] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：support of Security Testing-Innovative Secured Systems Lab(ISSL)established at University of Engineering&Technology Peshawar Pakistan under the Higher Education Commission initiative of National Center for Cyber Security(Grant No.2(1078)/HEC/M&E/2018/707) 

主　　题：Ransomware sandbox user-friendly model survey 

摘      要：Ransomware is a type of malicious software that blocks access to a computer by encrypting user’s files until a ransom is paid to the *** have been several reported high-profile ransomware attacks including WannaCry,Petya,and Bad Rabbit resulting in losses of over a billion dollars to various individuals and businesses in the *** analysis of ransomware is often carried out via sandbox environments;however,the initial setup and configuration of such environments is a challenging ***,it is difficult for an ordinary computer user to correctly interpret the complex results presented in the reports generated by such environments and analysis *** this research work,we aim to develop a user-friendly model to understand the taxonomy and analysis of ransomware ***,we aim to present the results of analysis in the form of summarized reports that can easily be understood by an ordinary computer *** model is built on top of the well-known Cuckoo sandbox environment for identification of the ransomware as well as generation of the summarized *** addition,for evaluating the usability and accessibility of our proposed model,we conduct a comprehensive user survey consisting of participants from various fields,e.g.,professional developers from software houses,people from academia(professors,students).Our evaluation results demonstrate a positive feedback of approximately 92%on the usability of our proposed model.