Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Ziya Alper Genç; Gabriele Lenzini

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Topics: Malware Detection; Threat Awareness

In Proceedings of the 6th International Conference on Information Systems Security and Privacy ICISSP - Volume 1, 585-592, 2020 , Valletta, Malta

Authors: Ziya Alper Genç and Gabriele Lenzini

Affiliation: Interdisciplinary Centre for Security, Reliability and Trust (SnT), University of Luxembourg, Luxembourg

Keyword(s): Ransomware, Double Use Research in Cryptography, Threat Intelligence and Counter-intelligence.

Abstract: Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and produce insecure code. By methodically reverse-engineering 128 malware executables, we have found that, out of 21 ransomware samples, 9 contain copy-paste code from public resources. Thanks to this finding, we managed to retrieve the decryption keys with which to nullify the ransomware attacks. From this fact, we recall critical cases of code disclosure in the recent history of ransomware and, arguing that ransomware are components in cyber-weapons, reflect on the dual-use nature of this research. We further discuss benefits and limits of using cyber-intelligence and counter-intelligence strategies that could be used against this threat.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.144.90.108

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Genç, Z. and Lenzini, G. (2020). Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-399-5; ISSN 2184-4356, SciTePress, pages 585-592. DOI: 10.5220/0009000505850592

@conference{icissp20,
author={Ziya Alper Gen\c{C}. and Gabriele Lenzini.},
title={Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP},
year={2020},
pages={585-592},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009000505850592},
isbn={978-989-758-399-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP
TI - Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence
SN - 978-989-758-399-5
IS - 2184-4356
AU - Genç, Z.
AU - Lenzini, G.
PY - 2020
SP - 585
EP - 592
DO - 10.5220/0009000505850592
PB - SciTePress