Ransomware behavioural analysis on windows platforms

Authors/Creators

Nikolai Hampton
Zubair A. Baig, Edith Cowan UniversityFollow
Sherali Zeadally

Abstract

Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls

RAS ID

29437

Document Type

Journal Article

Date of Publication

2018

Location of the Work

United Kingdom

School

School of Science

Publisher

Elsevier

Comments

This is an Author's Accepted Manuscript of: Hampton, N., Baig, Z., & Zeadally, S. (2018). Ransomware behavioural analysis on windows platforms. Journal of Information Security and Applications, 40, 44-51. Available here.

Recommended Citation

Hampton, N., Baig, Z. A., & Zeadally, S. (2018). Ransomware behavioural analysis on windows platforms. DOI: https://doi.org/10.1016/j.jisa.2018.02.008