Ransomware attack analysis and countermeasures of defensive aspects

  • Hong, Sunghyuck (Division of Information & Communication, Baekseok University)
  • Yu, Jin-a (Division of Information & Communication, Baekseok University)
  • Received : 2018.01.31
  • Accepted : 2018.02.20
  • Published : 2018.02.28

Abstract

Ransomware is a kind of malware. A computer infected with ransomware has its system access restricted, and the victim must pay the malware's author to have the restriction released. Concerns about the Internet security environment have been growing since the largest ransomware attack to date, on May 12, 2017. This paper discusses the types of ransomware and countermeasures for preventing damage from cyber terrorism. Ransomware is highly infectious and has been attacking continuously in recent years; representative families are Locky, Petya, Cerber, Samam, and Jigsaw, and their attack patterns keep evolving while the payment demanded keeps increasing. At present there is no 100% effective cure for ransomware. However, ransomware can be countered through automatic updates, installation of antivirus software, and periodic backups. This study presents a multi-layered approach that keeps ransomware from reaching the network and the system, and presents ransomware prevention methods for corporate and individual users.
