DOI: https://doi.org/10.15368/theses.2019.139
Available at: https://digitalcommons.calpoly.edu/theses/2540
Date of Award
9-2019
Degree Name
MS in Computer Science
Department/Program
Computer Science
College
College of Agriculture, Food, and Environmental Sciences
Advisor
Zachary N J Peterson
Advisor Department
<--Please Select Department-->
Advisor College
College of Agriculture, Food, and Environmental Sciences
Abstract
Ransomware, a type of malware that extorts payment from a victim by encrypting her data, is a growing threat that is becoming more sophisticated with each generation. Attackers have shifted from targeting individuals to entire organizations, raising extortions from hundreds of dollars to hundreds of thousands of dollars. In this work, we analyze a variety of ransomware and benign software binaries in order to identify indicators that may be used to detect ransomware. We find that several combinations of strings, cryptographic constants, and a large number loops are key indicators useful for detecting ransomware.