{"id":"https://openalex.org/W2614215062","doi":"https://doi.org/10.1504/ijsn.2017.10005218","title":"Anatomy of ransomware malware: detection, analysis and reporting","display_name":"Anatomy of ransomware malware: detection, analysis and reporting","publication_year":2017,"publication_date":"2017-01-01","ids":{"openalex":"https://openalex.org/W2614215062","doi":"https://doi.org/10.1504/ijsn.2017.10005218","mag":"2614215062"},"language":"en","primary_location":{"id":"doi:10.1504/ijsn.2017.10005218","is_oa":false,"landing_page_url":"https://doi.org/10.1504/ijsn.2017.10005218","pdf_url":null,"source":{"id":"https://openalex.org/S146340630","display_name":"International Journal of Security and Networks","issn_l":"1747-8405","issn":["1747-8405","1747-8413"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310317825","host_organization_name":"Inderscience Publishers","host_organization_lineage":["https://openalex.org/P4310317825"],"host_organization_lineage_names":["Inderscience Publishers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Security and Networks","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5000728986","display_name":"Gurdip Kaur","orcid":null},"institutions":[{"id":"https://openalex.org/I70971781","display_name":"Dr. B. R. Ambedkar National Institute of Technology Jalandhar","ror":"https://ror.org/03xt0bg88","country_code":"IN","type":"education","lineage":["https://openalex.org/I70971781"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Gurdip Kaur","raw_affiliation_strings":["Department of Computer Science and Engineering, Dr. BR Ambedkar National Institute of Technology, Jalandhar - 144011, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Dr. BR Ambedkar National Institute of Technology, Jalandhar - 144011, India","institution_ids":["https://openalex.org/I70971781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086900671","display_name":"Maninder Singh","orcid":"https://orcid.org/0000-0001-8489-8759"},"institutions":[{"id":"https://openalex.org/I162030827","display_name":"Thapar Institute of Engineering & Technology","ror":"https://ror.org/00wdq3744","country_code":"IN","type":"education","lineage":["https://openalex.org/I162030827"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Maninder Singh","raw_affiliation_strings":["Department of Computer Science and Engineering, Thapar University, Patiala - 147004, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Thapar University, Patiala - 147004, India","institution_ids":["https://openalex.org/I162030827"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111969079","display_name":"Renu Dhir","orcid":null},"institutions":[{"id":"https://openalex.org/I70971781","display_name":"Dr. B. R. Ambedkar National Institute of Technology Jalandhar","ror":"https://ror.org/03xt0bg88","country_code":"IN","type":"education","lineage":["https://openalex.org/I70971781"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Renu Dhir","raw_affiliation_strings":["Department of Computer Science and Engineering, Dr. BR Ambedkar National Institute of Technology, Jalandhar - 144011, India"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Dr. BR Ambedkar National Institute of Technology, Jalandhar - 144011, India","institution_ids":["https://openalex.org/I70971781"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.04305992,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":"12","issue":"3","first_page":"188","last_page":"188"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9116764068603516},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.846347451210022},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7814694046974182},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7674286365509033},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.741726279258728},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.7410555481910706},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.689731240272522},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.513806164264679},{"id":"https://openalex.org/keywords/ransom","display_name":"Ransom","score":0.43869078159332275},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.16011810302734375},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.10249584913253784}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9116764068603516},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.846347451210022},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7814694046974182},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7674286365509033},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.741726279258728},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.7410555481910706},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.689731240272522},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.513806164264679},{"id":"https://openalex.org/C2781426709","wikidata":"https://www.wikidata.org/wiki/Q1414572","display_name":"Ransom","level":2,"score":0.43869078159332275},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.16011810302734375},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.10249584913253784},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1504/ijsn.2017.10005218","is_oa":false,"landing_page_url":"https://doi.org/10.1504/ijsn.2017.10005218","pdf_url":null,"source":{"id":"https://openalex.org/S146340630","display_name":"International Journal of Security and Networks","issn_l":"1747-8405","issn":["1747-8405","1747-8413"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310317825","host_organization_name":"Inderscience Publishers","host_organization_lineage":["https://openalex.org/P4310317825"],"host_organization_lineage_names":["Inderscience Publishers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Security and Networks","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4237045072","https://openalex.org/W4386388924","https://openalex.org/W2614042168","https://openalex.org/W2778994855","https://openalex.org/W2913313394","https://openalex.org/W4213358345","https://openalex.org/W4281476659","https://openalex.org/W3211746486","https://openalex.org/W4240330722","https://openalex.org/W4293077671"],"abstract_inverted_index":{"Rapidly":[0],"increasing":[1],"malware":[2,27,84,123],"samples":[3,28,119,133],"pose":[4],"a":[5,34,61,83],"serious":[6],"threat":[7],"to":[8,29,37,49,73,88,98,130,138,173],"cyber":[9],"security":[10,19],"especially":[11],"when":[12],"they":[13],"are":[14],"not":[15],"getting":[16],"detected":[17],"by":[18,69],"tools":[20],"and":[21,41,53,94,110,146,149,169],"techniques.":[22],"Malware":[23],"writers":[24],"obfuscate":[25],"the":[26,100,106,156,163,183],"conceal":[30],"malicious":[31,75],"code":[32],"inside":[33],"legitimate":[35],"executable":[36],"evade":[38],"antivirus":[39],"solutions":[40],"tamper":[42],"it":[43,59],"without":[44],"changing":[45],"its":[46],"genuine":[47],"structure":[48],"exploit":[50],"target":[51],"machines":[52],"remain":[54],"fully":[55],"undetected":[56],"(FUD).":[57],"Thus,":[58],"is":[60,82,128],"major":[62],"challenge":[63],"before":[64],"Cyber":[65],"Clean":[66],"operations":[67],"run":[68],"various":[70],"government":[71],"agencies":[72],"monitor":[74,139],"activities":[76],"in":[77,134],"their":[78],"official":[79],"network.":[80],"Ransomware":[81],"that":[85],"encrypts":[86],"documents":[87],"breach":[89],"information":[90],"on":[91],"victim":[92],"machine":[93],"asks":[95],"for":[96],"ransom":[97],"provide":[99,170],"decryption":[101],"key.":[102],"This":[103],"paper":[104],"presents":[105],"results":[107],"of":[108,113,117,158,186],"static":[109],"dynamic":[111],"analysis":[112,168,185],"nine":[114],"prominent":[115],"variants":[116],"ransomware":[118],"obtained":[120],"from":[121,165],"renowned":[122],"repositories.":[124],"A":[125],"test":[126],"bed":[127],"prepared":[129],"analyse":[131],"these":[132,176],"Cuckoo's":[135],"sandbox":[136],"environment":[137],"altered":[140],"files/directories,":[141],"tampered":[142],"registry":[143],"keys,":[144],"Command":[145],"Control":[147],"(C&C)":[148],"accessed":[150],"application":[151],"programming":[152],"interfaces":[153],"(APIs).":[154],"At":[155],"end":[157],"this":[159],"paper,":[160],"we":[161],"present":[162],"observations":[164],"our":[166],"experimental":[167],"remedial":[171],"measures":[172],"deal":[174],"with":[175],"samples,":[177],"which":[178],"would":[179],"more":[180],"likely":[181],"impact":[182],"future":[184],"ransomware.":[187]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}