Dual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Genç, Ziya Alper; Lenzini, Gabriele

doi:10.5220/0009000505850592

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Dual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Genç, Ziya Alper; Lenzini, Gabriele

2020 • In Proceedings of the 6th International Conference on Information Systems Security and Privacy

Peer reviewed

Permalink
https://hdl.handle.net/10993/42164

DOI
10.5220/0009000505850592

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

gl2020.pdf

Author postprint (285.85 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Ransomware; Double Use Research in Cryptography; Threat Intelligence and Counter-Intelligence

Abstract :

[en] Previous research has shown that developers rely on public platforms and repositories to produce functional but insecure code. We looked into the matter for ransomware, enquiring whether also ransomware engineers re-use the work of others and produce insecure code. By methodically reverse-engineering 128 malware executables, we have found that, out of 21 ransomware samples, 9 contain copy-paste code from public resources. Thanks to this finding, we managed to retrieve the decryption keys with which to nullify the ransomware attacks. From this fact, we recall critical cases of code disclosure in the recent history of ransomware and, arguing that ransomware are components in cyber-weapons, reflect on the dual-use nature of this research. We further discuss benefits and limits of using cyber-intelligence and counter-intelligence strategies that could be used against this threat.

Research center :

- Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Other

Disciplines :

Computer science

Author, co-author :

Genç, Ziya Alper ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

Lenzini, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

Language :

English

Title :

Dual-Use Research In Ransomware Attacks: A Discussion on Ransomware Defence Intelligence

Publication date :

2020

Event name :

6th International Conference on Information Systems Security and Privacy (ICISSP 2020)

Event organizer :

INSTICC

Event place :

Valletta, Malta

Event date :

25-27 February 2020

Audience :

International

Main work title :

Proceedings of the 6th International Conference on Information Systems Security and Privacy

Publisher :

SciTePress, Setúbal, Portugal

ISBN/EAN :

978-989-758-399-5

Collection name :

Volume 1

Pages :

585-592

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

Additional URL :

https://www.scitepress.org/PublicationsDetail.aspx?ID=8zJvb4O/df8=&t=1

Available on ORBilu :

since 27 January 2020

Statistics

Number of views

503 (21 by Unilu)

Number of downloads

501 (14 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations