Malware and its types
Malware is malicious software: a file or piece of code that affects the software on a computer system. It typically enters the system over the network, infects or steals files to the attacker's specification, gives the attacker remote control, and is used to steal confidential data and to survey the affected user's local network. It acts as a spy on the system. Spyware is one type of malware: it monitors the user's location, targets secret data, and sends spam to the affected system. It acts as a virtual presence for the attacker. Adware is another type of malware: it is software that harms the system by sharing information and displaying unwanted advertisements. Worms and viruses are the most important categories in malware analysis because they affect the entire system. Anti-virus software is one method of malware prevention, and a firewall is another kind of protection. A malicious attack uses software to remove or steal confidential data from the computer system. Malicious software comes in several types:
- Viruses
- Worms
- Trojans
- Rootkits
- RAT
- Botnets
- Spyware
- Trapdoor
- Logic bomb
- Mobile malicious code
- Malicious font
- Polymorphic malware
A virus is code or software that gets into a system by copying itself into another program, or that enters when the system boots. It can arrive by e-mail, in files newly downloaded from the internet, or on a CD or pen drive. A virus piggybacks on a host: it is activated when the user opens the infected code, and it may then delete data and files on the system's storage disk.
A worm is another kind of malware. It harms the system by creating duplicate copies of its original file, and it enters when the system is busy or running slowly. It is used to replicate viruses and to exploit security vulnerabilities in the system. Worms do not attach themselves to programs or code and do not need to alter a file: a worm can enter the system and duplicate itself without any user action.
A Trojan is also a kind of malware. It enters the system as program code or software and causes damage on the hard disk. Once a Trojan has entered the computer system and been activated, it can take programs out of the system. Unlike viruses, Trojans do not copy themselves by infection; they are presented as software that looks attractive to the user.
A rootkit is a software tool that intruders use to gain access to a computer without the owner's permission. Rootkits exist for a variety of operating systems, such as Windows and Linux. There are three types: kernel, library and application rootkits. A rootkit works as a program that delivers root-level access to the system. It is known as masking software: it does not itself contain damaging software, and it is not deterred by anti-virus software or removal programs.
RAT stands for remote admin Trojan. It gives remote control of a system and is used to obtain passwords and steal information. These Trojans are not visible to the user and can enter the system through a CD or pen drive. They were created for legitimate users; attackers later adopted this remote access to cause harm to systems. However, attackers do not list their actions or hack the actions through these Trojans.
Botnet is short for robot network. Botnets are used to carry out attacks through command-and-control servers. This kind of malware has various functions and adapts to every system; it also reduces the traffic from affected computers and uses redundant servers.
Spyware is also malware in the form of a program or software. Its main aim is to gather information about a person without the user seeing it, and the information is then uploaded to the internet for advertising. It can enter a computer with the installation of new software, from a pen drive, or in other ways. It collects information about the affected system and passes it to the attacker. It is used to analyze the affected system and the stolen information, and infections of this kind are among the most common in malware.
A trapdoor is another kind of malware. It is used to gain access to another system without knowing the password, and hackers generally use trapdoors to obtain a person's details.
A logic bomb is malware that takes the form of program code and looks like an executable file. It uses a time delay in program execution: the logic bomb waits out this delay, then acts on the system and deletes data.
Mobile malicious code is also a kind of malware. It acts like remote access to obtain information, it looks like a web document, and it executes in the web browser.
A malicious font is a font that a web page uses as a method of working against security.
Polymorphic malware has the ability to morph, frequently changing the appearance of its code.
Basic malware analysis
In this malware analysis scenario, an e-mail arrived with an attachment, and we have to check whether the attached file is malicious. The recipient opened the file and then realized it was infected; how a malicious file gets that far is described below.
Social engineering is the term used for a broad range of malicious activities accomplished through human interaction. Malicious means intended to harm or upset other people. Social engineering uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
Social engineering attacks come in many different forms and can be performed anywhere human interaction is involved. The five most common forms of social engineering attack are:
1) Baiting
2) Scareware
3) Pretexting
4) Phishing
5) Spear phishing
Baiting attacks use a false promise to appeal to a victim's greed or curiosity. Users are lured into a trap that steals their personal details or infects their systems with malware. The most reviled form of baiting uses physical media to spread malware. Victims pick up the bait out of curiosity and insert it into a work or home computer, which results in malware being installed on the system.
Scareware is a type of malware designed to trick victims into buying and downloading useless and possibly dangerous software. Scareware generates pop-ups that resemble Windows system messages and usually claims to be antivirus or antispyware software, a firewall application or a registry cleaner. A common example is the legitimate-looking pop-up that appears in the victim's browser while surfing the web, displaying text such as "Your computer may be infected with harmful spyware programs."
Pretexting is a social engineering method in which a fictional situation is created for the purpose of obtaining personal and sensitive details from an unsuspecting individual. It generally involves researching a target and using his or her data for impersonation or manipulation.
Phishing is an attempt to obtain sensitive information such as usernames, passwords and credit card details, usually for malicious purposes, by posing as a trustworthy party in an electronic communication. Phishing is one of the most popular forms of social engineering; its scams are e-mail and text message campaigns aimed at creating a sense of urgency, curiosity or fear in victims.
Spear phishing is an e-mail or electronic communication scam targeted at a specific individual, organization or business. Although it is often intended to steal data for malicious purposes, the cybercriminal may also intend to install malware on the targeted victim's computer.
After the file was opened, we learned that the e-mail attachment was malicious: the infected file came together with the original document and affected the entire system. Using anti-virus software, a prevention method or a scanning process, we can recover the clean document that was really in the mail.
Step 1
Back up the important files on your system so that they can be restored.
Step 2
Disconnect from the internet; if you are browsing websites or downloading, stop for the time being.
Step 3
Use safety measures when booting the system, such as anti-virus software, and scan for the virus before retrieving the contents.
Step 4
If you need internet access, use another computer's connection over the local area network to work on the malware problem; only then can we identify the malware and stay safe when downloading documents from the internet.
Step 5
Analyze the malware and find the solution for that particular malware. The virus needs to be removed by the proper procedure.
Step 6
Scan the files that were downloaded from the internet, and scan them multiple times. Use several tools to scan for and remove the virus infection from the affected files.
Step 7
Clean the disk often, format it multiple times, remove junk files that are unrelated to your content, and clean temporary files using suitable software.
Step 8
Remove the system restore points; these points are used by the malware, so delete all of them.
Malware normally damages the operating system and applications. It can affect newly updated software or operating systems, and it delivers its data in executable form when process execution comes to an end.
A system has an operating system and disks such as floppy disks. Disk contents can be changed while the operating system boots, and when an operating system is installed without booting, errors appear at run time. Users also make mistakes when running software, and use constructs in code that produce frequent errors.
Malicious software has many types, and some operating systems do not support prevention methods against some of them.
Static analysis analyzes malware without running it. It is used to assess the capabilities of the malware, it provides indicators, and it has a set of key techniques.
Basic static analysis examines the malware without studying its code and rules. Various tools and techniques are used to check whether the file is infected, and they provide functional and technical information as well as signatures. The technical analysis covers the file itself, its hashes and its checksums.
Dynamic analysis runs the malware in order to observe its behavior: the analyst watches what it does and collects the technical indicators used in signature detection. These indicators include domain names, IP addresses and file locations. Dynamic analysis also identifies the server that the attacker controls for command and control, which is useful for finding more malware files. Sandboxes, malware engines and various other tools are used for dynamic analysis. Hashing is used to search for information about a sample, with algorithms such as MD5 and SHA. That information also includes the file header, the strings, and the indicators used to analyze the infection and to scan for signatures. Dynamic analysis is a part of malware analysis that provides indicators for malware detection, and the analysis platform itself has to be protected. The analyst needs to monitor system processes and file activity; this reveals the behavior of the malware in the file system. Dynamic analysis also has additional, newer techniques.
Under analysis, some malware will not execute or will change its behavior. Analysts therefore plan fake activity in the virtual machine so that the malware does not stop its behavior during the analysis, and some malware uses fake artifacts such as registry keys and the machine itself when infecting files.
Malware often changes its code while keeping its functionality, in order to stay safe from detection, and embeds itself into the target program; behavioral analysis of the malware can defeat this metamorphism. ANI is a theory that explains the data dependencies in the code.
Virtual machines are based on computer architectures and provide the functionality of a computer system using a combination of software and hardware. There are two types: system virtual machines and process virtual machines. A system virtual machine provides a substitute for a real machine and the functionality needed to run a whole operating system, and virtual machines are used to execute programs. Virtual memory plays a part in the virtual machine. At the first level the operating system implementation is done by sharing: privileged instructions are used by the code, and memory is shared among the various machines. A sandbox is a type of software testing environment that enables the isolated execution of software for independent evaluation, monitoring or testing. A sandbox is like a test server and is sometimes called a development box. A sandbox also stands for a working directory.
Malware follows three main approaches against a sandbox:
1) Sandbox detection: detecting the presence of a sandbox and showing only benign behavior patterns once it is detected.
2) Exploiting sandbox gaps: using weaknesses or gaps in the sandbox technology or in its environment.
3) Context-aware malware: using triggers based on time, events or environment that are not activated during sandbox analysis.
A key capability for malware is to avoid or delay analysis, generally by combining detection of the malware analysis environment with evasion. When this succeeds, it can considerably extend the period in which the malware circulates in the wild without being detected, stopped or blocked.
Two types of monitoring
1) Interior box monitoring
2) Exterior box monitoring
VM detection depends on the specific analysis environment, and that environment's particular structure makes detection and evasion hard to counter completely when the analysis works at the same privilege level as the piece of malware under investigation.
VM detection is usually futile and counter-productive, and this is the case with much of the malware found today, which performs its checks against interior box monitoring. We believe VM detection itself is becoming more and more irrelevant, because current production computers are broadly virtualized, whether server or desktop.
The method is quite different when all monitoring is done from the exterior of the box. There are then no side effects or artifacts that malware on the inside can detect.
As a consequence of this hypervisor-based approach, real-world malware can no longer detect the virtual environment while it is being investigated in VMRay, which gives more effective behavior signatures for malicious programs. VMRay Analyzer is used for this in the virtual environment.
Detection checks include: files, folders, registry, services, MAC address, BIOS, windows, magic values, memory, version, IDTR/LDTR/TR/SMSW, and I/O port.
Other detection checks cover: system name, number of cores, modules, internet check, disk space, and files.
Immunity Debugger, OllyDbg, Regshot, Fiddler, Wireshark, Process Monitor, Process Hacker, Process Explorer.
In IP analysis, DNS matters because attackers use DNS servers to control compromised machines, including hidden ones. DNS is therefore widely used in malware detection: the malicious DNS names that systems use make it possible to find the malware and to control it in traffic, and the IP address is a feature in malware detection.
DNS server data is used to detect malware activity such as viruses and to analyze complex activity in larger networks, where malware infection is a further problem for detection.
By extracting detection features we can analyze the traffic in a big network, which is a big-data problem. The features consist of malicious DNS features and network traffic features. A DNS data collector records the traffic in the network. A malicious DNS detector analyzes that traffic. A reputation engine, called the network traffic analyzer, computes a reputation score for each IP address.
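The three components described above (data collector, malicious DNS detector, reputation engine) can be sketched as follows. This is an added example, not code from the original page; the log format, the blocklist, the scoring rule (share of flagged lookups per answer IP) and the 0.5 threshold are assumptions, and all log lines are constructed.

```python
import ipaddress
from collections import Counter, namedtuple

Record = namedtuple("Record", "timestamp client qname answer")

# Constructed DNS log: "<timestamp> <client ip> <queried name> <answer ip>"
LOG = """\
2024-01-01T10:00:01Z 10.0.0.5 update.example.test 203.0.113.10
2024-01-01T10:00:02Z 10.0.0.5 cdn.example.org 192.0.2.20
2024-01-01T10:00:03Z 10.0.0.7 bad-c2.example.test 203.0.113.10
2024-01-01T10:00:04Z 10.0.0.7 BAD-C2.example.test. 203.0.113.10
2024-01-01T10:00:05Z 10.0.0.8 cdn.example.org 192.0.2.20
2024-01-01T10:00:06Z 10.0.0.9 bad-gate.example.test 203.0.113.10
malformed line
""".splitlines()

# Hypothetical list of names already known to be malicious.
BLOCKLIST = {"bad-c2.example.test", "bad-gate.example.test"}


def collect(lines):
    """Data collector: parse log lines, dropping anything malformed."""
    records = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue
        timestamp, client, qname, answer = parts
        try:
            ipaddress.ip_address(client)
            ipaddress.ip_address(answer)
        except ValueError:
            continue
        # DNS names are case-insensitive and may carry a trailing dot.
        records.append(Record(timestamp, client, qname.rstrip(".").lower(), answer))
    return records


def detect(records, blocklist):
    """Malicious DNS detector: queried names that are on the blocklist."""
    return {r.qname for r in records if r.qname in blocklist}


def reputation(records, flagged):
    """Reputation engine: per answer IP, the share of lookups for flagged names."""
    total, bad = Counter(), Counter()
    for r in records:
        total[r.answer] += 1
        if r.qname in flagged:
            bad[r.answer] += 1
    return {ip: bad[ip] / total[ip] for ip in total}


def associated(records, flagged, scores, threshold=0.5):
    """Unflagged names that resolve to an IP with a poor reputation."""
    return sorted({r.qname for r in records
                   if r.qname not in flagged and scores[r.answer] >= threshold})


def clients_to_review(records, domains):
    """Internal hosts that looked up any of the given names."""
    return sorted({r.client for r in records if r.qname in domains})


if __name__ == "__main__":
    recs = collect(LOG)
    flagged = detect(recs, BLOCKLIST)
    scores = reputation(recs, flagged)
    print("IP reputation:", scores)
    print("suspicious by association:", associated(recs, flagged, scores))
    print("hosts to review:", clients_to_review(recs, flagged))
```

The association step is what the reputation score buys the defender: a name that is on no blocklist still surfaces when it shares an address with known-bad names.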
It is used in connection with malware and ransomware creation: it is involved in malware pattern matching, identifies sensitive files that contain malware, describes unwanted and unauthorized activity, enables detection of malware, and is used to back up and restore files hit by ransomware and for data security.
Ransomware is a type of malicious software that limits the user's access to their system. Suppose important information, images, videos or files are stored on your system: ransomware can easily lock it. To retrieve the images or information, the victim has to pay a sum of money. Ransomware normally takes the system's information without any authentication.
Crypto ransomware is the type of ransomware that performs an encryption operation. It leaves the files in encrypted form, so files are easily affected by crypto ransomware, and the affected files are restored only if the ransom is paid.
Background scenario
For instance, our company's CFO stored a collection of personal photos and videos on her computer; unfortunately the images, videos and sensitive information are now all missing. Our CFO is the only victim of a crypto locker. She knows very well that the information has been stolen by someone.
The only way offered to recover the images is to pay the ransom. But she wants your help to retrieve her images, videos and files without paying any money. The incident response team has already located the malicious samples, so we now have both the encrypted samples and the malware. Your goal is to recover the images without paying the ransom.
Tools
- Trend Micro Lock Screen Ransomware Tool
- Avast anti-ransomware tool
- Bit Defender Anti-ransomware
- Kaspersky anti-ransomware tool
- AVG ransomware decryption tools
- Malwarebytes Anti-Ransomware (formerly CryptoMonitor)
- Kaspersky Lab decryptors
Malware analysis comes in two types: static analysis and dynamic analysis. Static analysis is analysis of the actual code, and dynamic analysis is behavior analysis. In dynamic analysis the malware executable is run under control and monitored.
Each technique draws on certain elements of information, and these are what static analysis is conducted on.
Static analysis displays the actual code and instructions. It is used to identify the capabilities and the true intent of the malware, and technical indicators are easily detected with it. Several key elements are used in static analysis.
If you want to check whether a file is malicious, the only way is to use the static analysis technique, in which all the information is collected. Basic static analysis is built from technical indicators: file name, MD5 checksums or hashes, file type, file size and anti-virus detection results.
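The basic static indicators listed above (hashes, file size, file type, strings, and the URLs and IP addresses found in them) can be collected without running the sample, as in this added example, which is not code from the original page. The magic-byte table, the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import ipaddress
import re

# A few well-known magic-byte prefixes; real triage tools know many more.
MAGIC = [
    (b"MZ", "PE/DOS executable"),
    (b"\x7fELF", "ELF executable"),
    (b"%PDF", "PDF document"),
    (b"PK\x03\x04", "ZIP container"),
    (b"\xd0\xcf\x11\xe0", "OLE2 compound file"),
]
EXECUTABLE_EXTENSIONS = (".exe", ".dll", ".sys", ".scr")

# Constructed sample: an "MZ" prefix, filler, two ASCII strings, one UTF-16 string.
SAMPLE = (b"MZ" + b"\x90" * 62
          + b"connect http://c2.example.test/gate.php\x01"
          + b"198.51.100.7\x01"
          + "C:\\Users\\Public\\invoice.exe".encode("utf-16-le")
          + b"\x01\x01")


def hashes(data: bytes) -> dict:
    """MD5 and SHA-256 as hex; these are the values looked up in AV databases."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


def file_type(data: bytes) -> str:
    """Identify the type from the content, never from the file name."""
    for magic, name in MAGIC:
        if data.startswith(magic):
            return name
    return "unknown"


def extract_strings(data: bytes, min_len: int = 5) -> list:
    """Printable ASCII runs plus UTF-16LE runs (common in Windows binaries)."""
    narrow = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([s.decode("ascii") for s in narrow]
            + [w.decode("utf-16-le") for w in wide])


def indicators(strings: list) -> dict:
    """Pull network indicators out of the extracted strings."""
    urls, ips = [], []
    for s in strings:
        urls += re.findall(r"https?://[^\s\"'<>]+", s)
        for candidate in re.findall(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", s):
            try:
                ipaddress.ip_address(candidate)  # rejects octets above 255
            except ValueError:
                continue
            ips.append(candidate)
    return {"urls": urls, "ips": ips}


def triage(name: str, data: bytes) -> dict:
    """One static report per attachment; the file is read, never executed."""
    kind = file_type(data)
    found = extract_strings(data)
    report = {"name": name, "size": len(data), "type": kind, "strings": found}
    report.update(hashes(data))
    report.update(indicators(found))
    # An executable behind a document-looking name is a classic e-mail lure.
    report["name_mismatch"] = (kind == "PE/DOS executable"
                               and not name.lower().endswith(EXECUTABLE_EXTENSIONS))
    return report


if __name__ == "__main__":
    for key, value in triage("invoice.pdf", SAMPLE).items():
        print(f"{key}: {value}")
```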
Dynamic analysis captures the behavior of the malware. The technical indicators it produces are used for signature detection. Basic dynamic analysis reveals technical indicators such as domain names, IP addresses and file path locations on the system or network.
Automated sandboxes and malware engines are used to gather this information, and the technical indicators are used to support malware detection. It is a most important, game-changing technique: the result depends fully on the dynamic analysis.
IDA is a professional-grade disassembler and the most popular disassembler used in reverse engineering. It does not offer a free community edition; IDA Pro 5 is a kind of free edition.
The disassembler reconstructs the code. All the code is in binary form, so it has to be converted into assembly. The information in the executable is used in the assembly code to debug errors.
All debugging information is stored in a debug file. The main point is that the disassembler is used to recover functions and variable names. Malware reverse engineering is used for code recovery.
IDA's stack analysis yields types of information that are used in the reverse engineering process. The IDA Pro script series is used to share knowledge and tools with the community. Additional tools are also provided, such as tilib, a special tool that is a separate download.
With this tool, important functions are identified by name. Matching function prototypes are used to find the similarities between two functions, and argument names and types are propagated automatically. In reverse engineering, comments are used to describe the argument names.
Ransomware always targets resources such as audio, video and images, which is why ATC treats actions on them as suspicious. It watches programs as well as files. Ransomware first has to perform its actions and change the file types.
ATC watches dozens of actions in order to protect against ransomware. Detection with ATC is entirely local: no cloud connection is needed, and the technology is fully autonomous. That is why heuristic parameters are used for ransomware.
Several ransomware families use sophisticated packing techniques. Malware is typically classified into different classes, and different statistical analyses are used against these sophisticated techniques.
Applications perform a set of actions step by step: the first step is installation, and the second is checking the characteristics of the system. The results of dynamic analysis support ransomware detection, but dynamic analysis also has limitations, and these affect the final results.
A ransomware infection affects files by encrypting them, so that the content or some of the files are lost. Encryption lets us control data theft and infection, and by the encryption method we can avoid ransomware.
A ransomware encryption tool such as signsrch is used where multiple encryption schemes are involved, and certain strains have one solution. In general decryption is easy with a tool, but it needs some technical methods.
Ransomware encrypts the files with a symmetric key and then encrypts that key with asymmetric encryption; for this implementation an AES key is needed.
For decryption, a number of ransomware removal tools can be used directly. Autolocky is a tool that makes decryption feasible; another is hydra craft, which is used to lock your computer; and decrypt locker is an online tool used to decrypt the encrypted files.
In basic malware analysis we need a good environment set up to analyze malware, so that we can collect information efficiently while protecting ourselves from malicious executables. A virtual machine is the best thing for this purpose. Several machines can be tested with the software, because a virtualization system can host many virtual machines. First we have to be aware that malicious software may spread over the internet, so the machine has to be configured with limited network access.
NAT: The virtual machine uses the host's IP address to connect to machines on the LAN. Other machines cannot connect to the virtual machine because of the NAT; the virtual machine must initiate the connection. The virtual machine is addressed in the 10.0.2.0 range, which is not accessible from the host, but the virtual machine can access the internet.
Bridged Adapter: The virtual machine is on the host system's network with its own IP address and has direct access to the other machines on the LAN.
VirtualBox and VMware: When setting up a new virtual machine, install the OS without any other data. Give a username and data that are not related to anything else. Any shared folder must be read-only, so that malware in the system cannot affect the data in the shared folder.
Tools
In basic malware analysis the most popular tools are PEiD, which detects packers, and Dependency Walker, which covers dynamic linking. PEview and FileAlyzer are used to examine the file, and the malware's resources are viewed with Resource Hacker. These tools are used in basic malware analysis to find the malware and its functions.
- Basic malware analysis tools
- Dynamic malware analysis tools
The basic malware analysis tools are PEiD, Dependency Walker, Resource Hacker and PEview.
PEiD
PEiD is a small application used to detect compilers and cryptors. Malware is often packed, which makes it hard to analyze and detect. The latest version of PEiD detects more than 400 signatures in PE files; the signatures are loaded from a text file called userdb.
Dependency Walker
Dependency Walker is another of the great tools for basic malware analysis. It is an open source application that scans 32-bit and 64-bit Windows modules and lists the functions each module imports and exports. It shows detailed data about the file, such as the file path, version and other information.
Resource Hacker
Resource Hacker, also called ResHacker, is an open source application used to extract the resources of Windows binaries. It can add and modify resources such as strings and images.
PEview
PEview is the simplest tool and is easy to use: it browses the data in the header and sections of PE files.
FileAlyzer
FileAlyzer is a free tool used to read information from the PE file header and the different sections; compared with PEview, FileAlyzer offers more features. The VirusTotal tab is one of its best features and is used to analyze malware and PECompact files.
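What PEview and FileAlyzer show (the PE header and section table) and what PEiD looks for (signs of packing) can be reproduced in a few lines, as in this added example that is not code from any of those tools. The entropy threshold of 7.0, the short packer-name list and the constructed two-section sample are assumptions.

```python
import math
import struct
from collections import Counter

COFF = struct.Struct("<HHIIIHH")          # IMAGE_FILE_HEADER, 20 bytes
SECTION = struct.Struct("<8sIIIIIIHHI")   # IMAGE_SECTION_HEADER, 40 bytes
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000
PACKER_SECTION_NAMES = {"UPX0", "UPX1"}   # example list, far from complete
ENTROPY_LIMIT = 7.0                       # assumed threshold, bits per byte


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniform."""
    if not data:
        return 0.0
    total = len(data)
    return sum((n / total) * math.log2(total / n) for n in Counter(data).values())


def parse_sections(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found")
    try:
        _machine, count, _ts, _sym, _nsym, opt_size, _chars = COFF.unpack_from(
            data, e_lfanew + 4)
        table = e_lfanew + 4 + COFF.size + opt_size
        headers = [SECTION.unpack_from(data, table + i * SECTION.size)
                   for i in range(count)]
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc

    sections = []
    for name, _vsize, _vaddr, raw_size, raw_ptr, _r, _l, _nr, _nl, flags in headers:
        label = name.rstrip(b"\x00").decode("ascii", "replace")
        bits = entropy(data[raw_ptr:raw_ptr + raw_size])
        findings = []
        if bits > ENTROPY_LIMIT:
            findings.append("high entropy (compressed or encrypted data)")
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            findings.append("section is both writable and executable")
        if label in PACKER_SECTION_NAMES:
            findings.append("section name used by a known packer")
        sections.append({"name": label, "raw_size": raw_size,
                         "entropy": bits, "findings": findings})
    return sections


def build_sample() -> bytes:
    """Constructed minimal PE32 image: a plain .text and a packed-looking UPX1."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = COFF.pack(0x14C, 2, 0, 0, 0, 0xE0, 0x0102)           # i386, 2 sections
    optional = struct.pack("<H", 0x10B) + b"\x00" * (0xE0 - 2)  # PE32 magic only
    text = SECTION.pack(b".text", 512, 0x1000, 512, 0x200, 0, 0, 0, 0, 0x60000020)
    upx1 = SECTION.pack(b"UPX1", 1024, 0x2000, 1024, 0x400, 0, 0, 0, 0, 0xE0000020)
    headers = (dos + b"PE\x00\x00" + coff + optional + text + upx1).ljust(0x200, b"\x00")
    return headers + b"\x90" * 512 + bytes(range(256)) * 4


if __name__ == "__main__":
    for section in parse_sections(build_sample()):
        print(f"{section['name']:<8} entropy={section['entropy']:.2f} "
              f"{'; '.join(section['findings']) or 'nothing notable'}")
```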
Dynamic Malware Analysis Tools
The dynamic malware analysis tools are Procmon, Process Explorer, Regshot and Netcat.
Procmon
Procmon, also called Process Monitor, is a free tool developed by Windows Sysinternals that monitors the Windows file system and registry. It combines FileMon and RegMon, and its best features on top of them are filtering of the data and boot-time logging.