Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2020)
Evaluation of Live Forensic Techniques in Ransomware Attack Mitigation. Forensic Science International: Digital Investigation, 33, https://doi.org/10.1016/j.fsidi.2020.300979
Ransomware continues to grow in both scale, cost, complexity and impact since its initial discovery nearly 30 years ago. Security practitioners are engaged in a continual "arm...
Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification
Journal Article
Davies, S., Macfarlane, R., & Buchanan, W. (2022)
Comparison of Entropy Calculation Methods for Ransomware Encrypted File Identification. Entropy, 24(10), Article 1503. https://doi.org/10.3390/e24101503
Ransomware is a malicious class of software that utilises encryption to implement an attack on system availability. The target’s data remains encrypted and is held captive by ...
Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2021)
Differential Area Analysis for Ransomware Attack Detection within Mixed File Datasets. Computers and Security, 108, https://doi.org/10.1016/j.cose.2021.102377
The threat from ransomware continues to grow both in the number of affected victims as well as the cost incurred by the people and organisations impacted in a successful attac...
NapierOne: A modern mixed file data set alternative to Govdocs1
Journal Article
Davies, S. R., Macfarlane, R., & Buchanan, W. J. (2022)
NapierOne: A modern mixed file data set alternative to Govdocs1. Forensic Science International: Digital Investigation, 40, Article 301330. https://doi.org/10.1016/j.fsidi.2021.301330
It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient des...