Analysis of Ransomware Using Reverse Engineering Techniques to Develop Effective Countermeasures

General Information

ISSN: 1798-2340 (Online)
Frequency: Monthly
DOI: 10.12720/jait
Indexing: ESCI (Web of Science), Scopus, CNKI, etc.
Acceptance Rate: 19%
APC: 500 USD
Average Days to Accept: 135 days
Journal Metrics:

Impact Factor 2022: 1.0

3.1

2022CiteScore

49th percentile

Powered by

Editor-in-Chief

Prof. Kin C. Yow

University of Regina, Saskatchewan, Canada

I'm delighted to serve as the Editor-in-Chief of Journal of Advances in Information Technology. JAIT is intended to reflect new directions of research and report latest advances in information technology. I will do my best to increase the prestige of the journal.

What's New

2024-03-28

Vol. 15, No. 3 has been published online!

2024-02-26

The papers published in Vol. 15, Nos. 1&2 have been registered with Crossref.

2024-02-26

Vol. 15, No. 2 has been published online!

Home > Published Issues > 2023 > Volume 14, No. 2, 2023 >

JAIT 2023 Vol.14(2): 284-294
doi: 10.12720/jait.14.2.284-294

Naif Alsharabi 1,2,*, Mariam F. Alshammari 1, and Yasser Alharbi 1

1. Department of Computer Engineering, College of Computer Science and Engineering, University of Ha’il, Ha’il 55476, Saudi Arabia; Email: s20200325@uoh.edu.sa (M.F.A.), y.alharbi@uoh.edu.sa (Y.A.)
2. College of Engineering and IT, Amran University, Amran 00977, Yemen
*Correspondence: n.sharabi@uoh.edu.sa, sharabi28@hotmail.com (N.A.)

Manuscript received October 28, 2022; revised December 12, 2022, accepted February 2, 2023; published April 4, 2023.

Abstract—Ransomware is the most severe threat to companies and organizations, snowballing daily. Ransomware comes in various types that are difficult for non-specialists to distinguish and evolve and change encryption techniques to avoid detection. Ransomware has become a worldwide incidence during the Corona pandemic and remote work, accountable for millions of dollars of losses annually; This malware threatens victims to lose sensitive data unless they pay a ransom, usually by encrypting the victims’ hard drive contents until the ransom is paid. The study focused on literature reviews and publications issued by international organizations interested in ransomware analysis to build a strong background in this field. Used static analysis and reverse engineering methodology to investigate ransomware to understand its purpose, functionality, and effective countermeasures against it. Finally, after Dearcry and Babuk ransomware were analyzed, written the Yara rule to detect and suggested countermeasures against them to help cybersecurity professionals better understand the inner workings of real ransomware and develop advanced countermeasures against similar attacks in the future.

Keywords—ransomware, encryption, malware, crypto, reverse engineering, static analysis

Cite: Naif Alsharabi, Mariam F. Alshammari, and Yasser Alharbi, "Analysis of Ransomware Using Reverse Engineering Techniques to Develop Effective Countermeasures," Journal of Advances in Information Technology, Vol. 14, No. 2, pp. 284-294, 2023.

Copyright © 2023 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.

附件说明

PREVIOUS PAPER

Balanced Truncation Approach for Unstable Continuous Systems Based on Mapping

NEXT PAPER

Extractive Text Summarization for Indonesian News Article Using Ant System Algorithm

Home

Author Guide

Editor Guide

Reviewer Guide

Published Issues

Special Issue

Sections and Topics

journal menu