{"id":"https://openalex.org/W4399332970","doi":"https://doi.org/10.1145/3655693.3661321","title":"A Threat-Led Approach to Mitigating Ransomware Attacks: Insights from a Comprehensive Analysis of the Ransomware Ecosystem","display_name":"A Threat-Led Approach to Mitigating Ransomware Attacks: Insights from a Comprehensive Analysis of the Ransomware Ecosystem","publication_year":2024,"publication_date":"2024-06-04","ids":{"openalex":"https://openalex.org/W4399332970","doi":"https://doi.org/10.1145/3655693.3661321"},"language":"en","primary_location":{"id":"doi:10.1145/3655693.3661321","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3655693.3661321","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3655693.3661321","source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"European Interdisciplinary Cybersecurity Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3655693.3661321","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5054115101","display_name":"Alexander Lawall","orcid":"https://orcid.org/0000-0003-4703-6310"},"institutions":[{"id":"https://openalex.org/I4210148941","display_name":"IU International University of Applied Sciences","ror":"https://ror.org/04fdat027","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210148941"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Alexander Lawall","raw_affiliation_strings":["IU International University of Applied Sciences, Germany"],"raw_orcid":"https://orcid.org/0000-0003-4703-6310","affiliations":[{"raw_affiliation_string":"IU International University of Applied Sciences, Germany","institution_ids":["https://openalex.org/I4210148941"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038450342","display_name":"Petra Beenken","orcid":"https://orcid.org/0009-0002-8027-7343"},"institutions":[{"id":"https://openalex.org/I4210148941","display_name":"IU International University of Applied Sciences","ror":"https://ror.org/04fdat027","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210148941"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Petra Beenken","raw_affiliation_strings":["IU International University of Applied Sciences, Germany"],"raw_orcid":"https://orcid.org/0009-0002-8027-7343","affiliations":[{"raw_affiliation_string":"IU International University of Applied Sciences, Germany","institution_ids":["https://openalex.org/I4210148941"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.4458,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.89686788,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"210","last_page":"216"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9941772222518921},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7014716863632202},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5583885908126831},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4324825704097748},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.3944847583770752},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3827662765979767}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9941772222518921},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7014716863632202},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5583885908126831},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4324825704097748},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.3944847583770752},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3827662765979767}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3655693.3661321","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3655693.3661321","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3655693.3661321","source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"European Interdisciplinary Cybersecurity Conference","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3655693.3661321","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3655693.3661321","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3655693.3661321","source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"European Interdisciplinary Cybersecurity Conference","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4399332970.pdf"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W1559498407","https://openalex.org/W1973078473","https://openalex.org/W1996716108","https://openalex.org/W2014316112","https://openalex.org/W2060664321","https://openalex.org/W2491980965","https://openalex.org/W2520817629","https://openalex.org/W2614042168","https://openalex.org/W2781518247","https://openalex.org/W2784113120","https://openalex.org/W2787214550","https://openalex.org/W2885355851","https://openalex.org/W2886257824","https://openalex.org/W2911434985","https://openalex.org/W2963604227","https://openalex.org/W2972007171","https://openalex.org/W2977489474","https://openalex.org/W3004302111","https://openalex.org/W3023947707","https://openalex.org/W3047996415","https://openalex.org/W3115801294","https://openalex.org/W3182576883","https://openalex.org/W3183350623","https://openalex.org/W3205163562","https://openalex.org/W4200267592","https://openalex.org/W4205911522","https://openalex.org/W4293227992","https://openalex.org/W4375787811"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W4253977752","https://openalex.org/W2942879794","https://openalex.org/W2964829536","https://openalex.org/W2962911305","https://openalex.org/W4224941017"],"abstract_inverted_index":{"Ransomware":[0],"attacks":[1,86],"have":[2,124],"become":[3],"a":[4,25,34,73],"major":[5],"threat":[6,110],"to":[7,28,61,114],"organizations":[8],"across":[9],"all":[10],"sectors,":[11],"causing":[12],"significant":[13,125],"financial":[14],"and":[15,53,58,87,109,131,133],"reputational":[16],"damage.":[17],"To":[18],"address":[19],"this":[20,22,70,122],"challenge,":[21],"contribution":[23,43,98,123],"presents":[24],"threat-led":[26],"approach":[27],"mitigating":[29],"ransomware":[30,40,47,85,116,140],"attacks,":[31],"based":[32],"on":[33],"comprehensive":[35],"analysis":[36,71],"of":[37,69,75,84,103,121,138],"the":[38,45,81,101,105,136],"contemporary":[39],"ecosystem.":[41],"The":[42,66,97,119],"identifies":[44],"main":[46],"groups":[48],"that":[49,77],"are":[50],"currently":[51],"active":[52],"analyzes":[54],"their":[55],"Tactics,":[56],"Techniques,":[57],"Procedures":[59],"(TTPs)":[60],"derive":[62],"appropriate":[63],"mitigation":[64],"measures.":[65],"final":[67],"output":[68],"is":[72],"list":[74],"mitigations":[76],"can":[78,134],"effectively":[79],"prevent":[80],"successful":[82],"execution":[83],"whose":[88],"implementation":[89],"should":[90],"thus":[91],"be":[92],"prioritized":[93],"by":[94],"cybersecurity":[95,128],"teams.":[96],"also":[99],"highlights":[100],"importance":[102],"using":[104],"MITRE":[106],"ATT&CK":[107],"framework":[108],"actor":[111],"profile":[112],"library":[113],"enhance":[115],"defense":[117,141],"strategies.":[118,142],"findings":[120],"implications":[126],"for":[127],"practitioners,":[129],"policymakers,":[130],"researchers,":[132],"inform":[135],"development":[137],"effective":[139]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":3}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}