Abstract
Current trending- Internet of things (IoT) is internetworking of an assortment of hardware devices to offer a collection of applications and services. In the present-day world, ransomware cyber-attack has become one of the major attacks in IoT systems. Ransomware is a hazardous malware that targets the user’s computer inaccessible or inoperative, and then requesting the computer victim user to transfer a huge ransom to relapse the damage. At instance, the evolution rate outcomes illustrate that the level of attacks such as Locky and Cryptowall ransomware are conspicuously growing then other ransomware. Thus, these ransomware relations are the latent threat to IoT. To address the issue, this paper presents Two-phase ransomware prediction model based on the behavioral and communication study of Cryptowall ransomware for IoT networks. This proposed Two-phase model equipped with, Phase-1: observes the inward TCP/IP flowing traffic through a monitoring server to avert the ransomware attack The procedure of the monitoring server is to monitor the IoT's TCP/IP. The process of Monitoring TCP/IP is to extract TCP/IP header and routines command and control (C&C) server IP blacklisting to discover the ransomware attacks. In Phase-2: the proposed system will also analyze the application pattern for malicious behavior of the Web and URLs. Several societies have very affluent security tools in their milieu, but their events or logs are not monitored, which make affluent tools ineffective. The process of having efficient security based monitoring server is vital for detecting and controlling the ransomware attack.
References
Ahmadian, Mohammad M, & Hamid Reza Shahriari, “A framework for high survivable ransomwares detection." Information Security and Cryptology, 13th IEEE Conference International Iranian Society of Cryptology Conference, (2016).
Bertino E, Choo KKR, Georgakopolous D, Nepal S, "Internet of things (IoT): smart and secure service delivery”, ACM Trans Internet Technol, 16(4), pp.22:1–22:7,(2016).
Broadanalysis Threat Intelligence and Malware Research,“Neutrino EK from 104.238.185.187 sends DMA Locker4.0”. Available:www:broadanalysis:com/2016/ 05/22/neutrino-from-104-238-185-187-sends-dma- locker-4-0/, (2016).
Daniel Gonzalez,“Detection and prevention of crypto-ransomware, ubiquitous computing”, Electronics and Mobile Communication Conference (UEMCON), Tech. Rep. CERIAS Tech Report 17,(2017).
Dell Secure Works Counter Threat Unit Threat Intelligence, “CryptoWall ransomware threat analysis”.Available: www:secureworks:com/research/ cryptowall-ransomware,(2014).
Emsisoft Lab, “CryptoDefense: The story of insecure ransomware keys and self-serving bloggers”. Available: blog:emsisoft:com/ 2014/04/04/cryptodefense-the-story-of-insecure ransomware keys- and-self-serving-bloggers/,( 2016).
Kharraz, Amin, Sajjad Arshad, Collin Mulliner, William K. Robertson, and Engin Kirda. "UNVEIL: a large-scale, automated approach to detecting ransomware" In USENIX Security Symposium, pp. 757-772. (2016).
WendyZamora,"how-to-beat-ransomware-prevent-dont-react”, Available: https:// blog. malware how-to-beat-ransomware -prevent-dont-reactytes.com /101/2016/03/ how-to-beat ransomware- prevent-dont-react/, posted on: july2018, (2018).
Arjun, P., Stepheniaj, S., Naveen Kumar, N., Naveen Kumar, K.: “A Study on IoT based Smart Street Light Systems, IEEE International Conference on System, Computation, Automation and Networking(ICSCAN), pp. 1-7,(2019).
Yang H, Tang R," Power consumption based android malware detection", J. Electr Comput Eng ,pp1–7,(2016).
Huang .D. Y., D McCoy, M. M. Aliapoulios, V. G. Li, L. Invernizzi, E. Bursztein, K. McRoberts, J. Levin, K. Levchenko, and A. C. Snoeren, “Tracking ransomware end-to-end,” in 39th IEEE S&P, pp.1– 14,(2018).
Herjavec Group,"The 2020 Official Annual Cybercrime Report"Available: https://www.herjavecgroup.com /the- 2019-official- annual-cybercrime report/ https://cybersecurity ventures .com /hackerpocalypse-cybercrime-report- 2016/Oct. 16, (2017).
Shaerpour K, Dehghantanha A, Mahmod R "Trends in android malware detection", J Digit Forensics Secur Law, 8(3), pp.21–40,(2014).
Jarvis. K., “CryptoLocker Ransomware”. Available: www:secureworks:com /research /crypto locker-ransomware, (2013).
Buczak AL, Guven E "A survey of data mining and machine learning methods for cyber security intrusion detection",IEEE Commun Surv Tutor 18(2),pp.1153–1176,(2016).
Imperva, “phishing-attack-scam”. Available: https://www.imperva.com/learn/ application-security/ phishing-attack-scam/, Source taken on :11th jan.2021,(2021).
Ganenja, Kandaval, “knowing the ransomware and building defense against it - specific to healthcare institutes”, International Conference on Mobile and Secure Services, pp. 286–302, (2016).
Faruki P, Bharmal A, Laxmi V, Ganmoor V, Gaur MS, Conti M, Rajarajan M " Android security: a survey of issues, malware penetration, and defenses", IEEE Commun Surv Tutor ,17(2),pp.998–1022,(2015).
B. Stone-Gross, “The lifecycle of peer to peer (gameover) zeus”. Available: www:secureworks:com / research/the lifecycle of peer to peer gameover zeus,( 2012).
Francesco Mercaldo, Isco Alarci , “TOR traffic analysis and identification”, AEIT IEEE International Conference, 2485, pp. 26, (2017).
Gerald, sileshi Yalew, “Hail to the thief: protecting data from mobile ransomware with ransomsafedroid”, IEEE Conference on Network Computing and Applications, pp. 657–666, (2017).
Krebs, Brian., "FBI: North Korea to blame for Sony hack." Retrieved from Krebs On Security: Available: http://krebsonsecurity. com/2014/12/fbi- north-korea-to-blamefor-sony-hack,(2014).
Liao.K, Z. Zhao, A. Doup´e, and G.-J. Ahn, “Behind closed doors: measurement and analysis of cryptolocker ransoms in bitcoin,” in APWG eCrime Research, pp. 1–13,(2016).
Sgandurra, Daniele, Luis Muñoz-González, Rabih Mohsen, and Emil C. Lupu. "Automated dynamic analysis of ransomware: benefits, limitations and use for detection." arXiv preprint arXiv:1609.03020,(2016).
Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A "Security, privacy and trust in internet of things: the road ahead", Comput Netw, 76pp.146–164,(2015).
Spagnuolo. M, F. Maggi, and S. Zanero, “BitIodine: extracting intelligence from the bitcoin network,” in Springer Financial Cryptography and Data Security, LNCS, 8437, pp. 457–468,(2014).
Steve Morgan" Cybercrime Damages $6 Trillion By 2021" the Hood of Ransomware Attacks,” in 12th Springer DIMVA, pp. 3–24, (2015).