Reasoning Crypto Ransomware Infection Vectors with Bayesian Networks

Title: Reasoning Crypto Ransomware Infection Vectors with Bayesian Networks
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Zimba, A., Wang, Z., Chen, H.
Conference Name: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI)
ISBN Number: 978-1-5090-6727-5
Keywords: Bayes methods, Bayesian Network, Bayesian network statistics, belief networks, composability, conditional probability, crypto ransomware, crypto ransomware infection vectors, cryptography, Encryption, Infection Vector, invasive software, Malware, Metrics, Nickel, Payloads, pubcrawl, ransomware, resilience, Resiliency, Uncertainty

Ransomware techniques have evolved over time, with the most resilient attacks making data recovery practically impossible. This has driven countermeasures to shift towards recovery against prevention, but in this paper we model ransomware attacks from an infection vector point of view. We follow the basic infection chain of crypto ransomware and use Bayesian network statistics to infer some of the most common ransomware infection vectors. We also employ the use of attack and sensor nodes to capture uncertainty in the Bayesian network.

Citation Key: zimba_reasoning_2017