{"id":"https://openalex.org/W4380303285","doi":"https://doi.org/10.1145/3564746.3587004","title":"Conti Ransomware Development Evaluation","display_name":"Conti Ransomware Development Evaluation","publication_year":2023,"publication_date":"2023-04-12","ids":{"openalex":"https://openalex.org/W4380303285","doi":"https://doi.org/10.1145/3564746.3587004"},"language":"en","primary_location":{"id":"doi:10.1145/3564746.3587004","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564746.3587004","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564746.3587004","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM Southeast Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3564746.3587004","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101498344","display_name":"Saleh Alzahrani","orcid":"https://orcid.org/0000-0001-8380-2487"},"institutions":[{"id":"https://openalex.org/I17301866","display_name":"University of Alabama","ror":"https://ror.org/03xrrjk67","country_code":"US","type":"education","lineage":["https://openalex.org/I17301866"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Saleh Alzahrani","raw_affiliation_strings":["Department of Computer Science, The University of Alabama, Tuscoloosa, AL, USA"],"raw_orcid":"https://orcid.org/0000-0001-8380-2487","affiliations":[{"raw_affiliation_string":"Department of Computer Science, The University of Alabama, Tuscoloosa, AL, USA","institution_ids":["https://openalex.org/I17301866"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046618429","display_name":"Yang Xiao","orcid":"https://orcid.org/0000-0001-8549-6794"},"institutions":[{"id":"https://openalex.org/I17301866","display_name":"University of Alabama","ror":"https://ror.org/03xrrjk67","country_code":"US","type":"education","lineage":["https://openalex.org/I17301866"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yang Xiao","raw_affiliation_strings":["Department of Computer Science, The University of Alabama, Tuscaloosa, Al, USA"],"raw_orcid":"https://orcid.org/0000-0001-8549-6794","affiliations":[{"raw_affiliation_string":"Department of Computer Science, The University of Alabama, Tuscaloosa, Al, USA","institution_ids":["https://openalex.org/I17301866"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015182224","display_name":"Sultan Asiri","orcid":"https://orcid.org/0000-0002-7405-7646"},"institutions":[{"id":"https://openalex.org/I17301866","display_name":"University of Alabama","ror":"https://ror.org/03xrrjk67","country_code":"US","type":"education","lineage":["https://openalex.org/I17301866"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sultan Asiri","raw_affiliation_strings":["Department of Computer Science, The University of Alabama, Tuscaloosa, Al, USA"],"raw_orcid":"https://orcid.org/0000-0002-7405-7646","affiliations":[{"raw_affiliation_string":"Department of Computer Science, The University of Alabama, Tuscaloosa, Al, USA","institution_ids":["https://openalex.org/I17301866"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5101498344"],"corresponding_institution_ids":["https://openalex.org/I17301866"],"apc_list":null,"apc_paid":null,"fwci":0.5757,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.62915506,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"39","last_page":"46"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9886000156402588,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9814000129699707,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9800244569778442},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6779576539993286},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6143366098403931},{"id":"https://openalex.org/keywords/ransom","display_name":"Ransom","score":0.49267250299453735},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.48029419779777527},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.4787294566631317}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9800244569778442},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6779576539993286},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6143366098403931},{"id":"https://openalex.org/C2781426709","wikidata":"https://www.wikidata.org/wiki/Q1414572","display_name":"Ransom","level":2,"score":0.49267250299453735},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.48029419779777527},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.4787294566631317},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3564746.3587004","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564746.3587004","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564746.3587004","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM Southeast Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3564746.3587004","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3564746.3587004","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3564746.3587004","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM Southeast Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7799999713897705}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4380303285.pdf","grobid_xml":"https://content.openalex.org/works/W4380303285.grobid-xml"},"referenced_works_count":8,"referenced_works":["https://openalex.org/W1893133781","https://openalex.org/W2762151798","https://openalex.org/W2980075242","https://openalex.org/W3175479041","https://openalex.org/W3193692833","https://openalex.org/W4214919535","https://openalex.org/W4280577271","https://openalex.org/W4296438248"],"related_works":["https://openalex.org/W4237045072","https://openalex.org/W4386388924","https://openalex.org/W2614042168","https://openalex.org/W2778994855","https://openalex.org/W4285276936","https://openalex.org/W2913313394","https://openalex.org/W4281476659","https://openalex.org/W4213358345","https://openalex.org/W4206259164","https://openalex.org/W2914950722"],"abstract_inverted_index":{"The":[0,76],"world":[1],"has":[2,42,99],"been":[3,100],"witnessing":[4],"an":[5,163],"increase":[6],"in":[7,10,53,62,85,95,133,162,257],"malware":[8],"attacks":[9,61],"recent":[11,63],"years.":[12],"Specifically,":[13],"ransomware":[14,60,82,147,215],"attacks,":[15],"where":[16],"attackers":[17],"lock":[18],"or":[19,30,222],"encrypt":[20],"victims'":[21],"files":[22,33],"and":[23,34,46,88,98,117,125,137,166,177,188,232,241,252],"ask":[24],"for":[25,181,199],"a":[26,71,210],"ransom":[27],"to":[28,121,153,255],"unlock":[29],"decrypt":[31],"the":[32,36,57,109,131,138,154,189,227],"restore":[35],"device's":[37],"state.":[38],"Ransomware":[39],"dark":[40],"market":[41],"become":[43],"very":[44],"profitable,":[45],"its":[47,89,115,123,150,186],"cybercriminals":[48],"make":[49],"millions":[50],"of":[51,56,80,111,135,140,229],"dollars":[52],"revenue.":[54],"One":[55],"most":[58],"active":[59],"years":[64],"is":[65],"Conti":[66,81,112,146,207],"ransomware.":[67],"It":[68],"works":[69],"under":[70],"ransomware-as-a-service":[72],"(RaaS)":[73],"business":[74],"model.":[75],"first":[77,90],"beta":[78,151,211],"version":[79,152,212],"was":[83,93],"seen":[84],"October":[86],"2019,":[87],"known":[91,156],"attack":[92],"reported":[94],"July":[96],"2020":[97],"operational":[101],"since":[102],"then.":[103],"In":[104],"this":[105],"paper,":[106],"we":[107,143,159,184],"track":[108],"development":[110,231],"ransomware,":[113],"categorize":[114,167],"samples,":[116],"compare":[118],"their":[119,174,258],"features":[120,187,221,248],"understand":[122],"success":[124],"efficiency,":[126],"which":[127],"made":[128],"it":[129,217],"top":[130],"charts":[132],"terms":[134],"revenue":[136],"number":[139],"attacks.":[141],"First,":[142],"collect":[144],"many":[145],"samples":[148],"from":[149],"latest":[155],"release.":[157],"Then":[158],"analyze":[160],"them":[161,168],"isolated":[164],"environment":[165],"into":[169],"seven":[170],"versions":[171],"based":[172],"on":[173],"release":[175],"date":[176],"feature":[178],"similarities.":[179],"Finally,":[180],"each":[182],"version,":[183],"list":[185],"previous":[190],"version's":[191],"addition,":[192],"deletion,":[193],"and/or":[194],"modification":[195],"with":[196,213],"our":[197],"reasoning":[198],"these":[200],"changes.":[201],"This":[202],"research":[203],"shows":[204],"that":[205],"although":[206],"started":[208],"as":[209],"minimal":[214],"features,":[216],"gradually":[218],"added":[219,249],"new":[220],"modified":[223],"existing":[224],"ones":[225],"through":[226],"adoption":[228],"continuous":[230],"delivery.":[233],"For":[234],"example,":[235],"API":[236,238],"hashing,":[237],"run-time":[239],"loading,":[240],"efficient":[242],"encryption":[243],"mechanism":[244],"area":[245],"are":[246],"all":[247],"over":[250],"time":[251],"have":[253],"yet":[254],"exist":[256],"earlier":[259],"releases.":[260]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}