 A review on spreading and Forensics Analysis of Windows-Based ransomwareNarendrakumar Mangilal Chayal (),
Ankur Saxena and
Rijwan Khan
Annals of Data Science, 2024, vol. 11, issue 5, No 1, 1503-1524 Abstract: Abstract Ransomware is one of the most advanced malware which uses high computer resources and services to encrypt system data once it infects a system and causes large financial data losses to the organization and individuals. There are certain automatic ransomware detection and analysis strategies available nowadays. File system analysis reveals some essential patterns and artifacts that can be very useful to understand its behavior spreading mechanism, taxonomy for malware forensics experts. Current trend explores Ransomware as a service (RaaS) and Malware as a service (MaaS) on Darknet. This paper reveals a theory of digital forensic methodology to identify the spreading/infection mechanism and attack path, the cryptographic methodology, windows services, process, APIs, persistence mechanism, and system lockdown strategies and malware analysis methodology. This review could be helpful to learn and understand malware forensic analysis for threat researchers, students, cyber experts, etc. Keywords: Ransomware; Malware; Cyber Attack; Malware Forensics; Cyber Forensics (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:spr:aodasc:v:11:y:2024:i:5:d:10.1007_s40745-022-00417-5 Ordering information: This journal article can be ordered from DOI: 10.1007/s40745-022-00417-5 Access Statistics for this article Annals of Data Science is currently edited by Yong Shi More articles in Annals of Data Science from Springer |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.