Ransomware IR Model: Proactive Threat Intelligence-Based Incident Response Strategy

• URL: http://arxiv.org/abs/2502.01221v1
• Date: Mon, 03 Feb 2025 10:25:26 GMT
• Title: Ransomware IR Model: Proactive Threat Intelligence-Based Incident Response Strategy
• Authors: Anthony Cheuk Tung Lai, Ping Fan Ke, Alan Ho,
• Abstract summary: There is no clear and proven published incident response strategy to satisfy different business priorities and objectives under ransomware attack in detail. In this paper, we quote one of our representative front-line ransomware incident response experiences for Company X.
• Score: 0.0
• License:
• Abstract: Ransomware impact different organizations for years, it causes huge monetary, reputation loss and operation impact. Other than typical data encryption by ransomware, attackers can request ransom from the victim organizations via data extortion, otherwise, attackers will publish stolen data publicly in their ransomware dashboard forum and data-sharing platforms. However, there is no clear and proven published incident response strategy to satisfy different business priorities and objectives under ransomware attack in detail. In this paper, we quote one of our representative front-line ransomware incident response experiences for Company X. Organization and incident responder can reference our established model strategy and implement proactive threat intelligence-based incident response architecture if one is under ransomware attack, which helps to respond the incident more effectively and speedy.

Related papers

• Assessing and Prioritizing Ransomware Risk Based on Historical Victim Data [0.0]
  We present an approach to identifying which ransomware adversaries are most likely to target specific entities. Ransomware poses a formidable cybersecurity threat characterized by profit-driven motives, a complex underlying economy supporting criminal syndicates, and the overt nature of its attacks.
  arXiv  Detail & Related papers  (2025-02-06T15:57:56Z)
• Showing the Receipts: Understanding the Modern Ransomware Ecosystem [4.058903075267789]
  We present novel techniques to identify ransomware payments with low false positives. We publish the largest public dataset of over $900 million in ransomware payments. We then leverage this expanded dataset to present an analysis focused on understanding the activities of ransomware groups over time.
  arXiv  Detail & Related papers  (2024-08-27T21:51:52Z)
• EGAN: Evolutional GAN for Ransomware Evasion [0.0]
  Adversarial Training is a proven defense strategy against adversarial malware. This work proposes an attack framework, EGAN, to address this limitation.
  arXiv  Detail & Related papers  (2024-05-20T17:52:40Z)
• Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
  Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications. The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms. This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
  arXiv  Detail & Related papers  (2024-05-20T08:35:39Z)
• Privacy Backdoors: Enhancing Membership Inference through Poisoning Pre-trained Models [112.48136829374741]
  In this paper, we unveil a new vulnerability: the privacy backdoor attack. When a victim fine-tunes a backdoored model, their training data will be leaked at a significantly higher rate than if they had fine-tuned a typical model. Our findings highlight a critical privacy concern within the machine learning community and call for a reevaluation of safety protocols in the use of open-source pre-trained models.
  arXiv  Detail & Related papers  (2024-04-01T16:50:54Z)
• It's more than just money: The real-world harms from ransomware attacks [1.5391321019692432]
  This article conducts a novel exploration into the multitude of real-world harms that can arise from cyber-attacks. We draw on publicly-available case data on high-profile ransomware incidents to examine the types of harm that emerge at various stages after a ransomware attack.
  arXiv  Detail & Related papers  (2023-07-06T08:46:16Z)
• Untargeted Backdoor Attack against Object Detection [69.63097724439886]
  We design a poison-only backdoor attack in an untargeted manner, based on task characteristics. We show that, once the backdoor is embedded into the target model by our attack, it can trick the model to lose detection of any object stamped with our trigger patterns.
  arXiv  Detail & Related papers  (2022-11-02T17:05:45Z)
• On the Effectiveness of Adversarial Training against Backdoor Attacks [111.8963365326168]
  A backdoored model always predicts a target class in the presence of a predefined trigger pattern. In general, adversarial training is believed to defend against backdoor attacks. We propose a hybrid strategy which provides satisfactory robustness across different backdoor attacks.
  arXiv  Detail & Related papers  (2022-02-22T02:24:46Z)
• Winning the Ransomware Lottery: A Game-Theoretic Model for Mitigating Ransomware Attacks [0.0]
  We construct an expected value model based on data from actual ransomware attacks. We present mitigations to encourage an environment that is hostile to ransomware operators.
  arXiv  Detail & Related papers  (2021-07-30T12:29:34Z)
• Preventing Unauthorized Use of Proprietary Data: Poisoning for Secure Dataset Release [52.504589728136615]
  We develop a data poisoning method by which publicly released data can be minimally modified to prevent others from train-ing models on it. We demonstrate the success of our approach onImageNet classification and on facial recognition.
  arXiv  Detail & Related papers  (2021-02-16T19:12:34Z)
• Backdoor Attack against Speaker Verification [86.43395230456339]
  We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data. We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
  arXiv  Detail & Related papers  (2020-10-22T11:10:08Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.