{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,23]],"date-time":"2025-07-23T12:29:31Z","timestamp":1753273771724,"version":"3.40.3"},"publisher-location":"Cham","reference-count":16,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030042233"},{"type":"electronic","value":"9783030042240"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-04224-0_19","type":"book-chapter","created":{"date-parts":[[2018,11,17]],"date-time":"2018-11-17T06:15:09Z","timestamp":1542435309000},"page":"217-229","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Large Scale Behavioral Analysis of Ransomware Attacks"],"prefix":"10.1007","author":[{"given":"Timothy R.","family":"McIntosh","sequence":"first","affiliation":[]},{"given":"Julian","family":"Jang-Jaccard","sequence":"additional","affiliation":[]},{"given":"Paul A.","family":"Watters","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,11,18]]},"reference":[{"key":"19_CR1","unstructured":"Ransomware Damage Report 2017. https:\/\/cybersecurityventures.com\/ransomware-damage-report-2017-part-2\/. Accessed 24 June 2018"},{"key":"19_CR2","unstructured":"McAfee Labs Threats Report. https:\/\/www.mcafee.com\/enterprise\/en-us\/assets\/reports\/rp-quarterly-threats-dec-2017.pdf. Accessed 24 June 2018"},{"key":"19_CR3","doi-asserted-by":"crossref","unstructured":"Continella, A., et al.: ShieldFS: a self-healing, ransomware-aware filesystem. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 336\u2013347. ACM (2016)","DOI":"10.1145\/2991079.2991110"},{"key":"19_CR4","unstructured":"Symantec Internet Security Threat Report\u2014April 2017. ISTR, vol. 22. https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/reports\/istr-22-2017-en.pdf. Accessed 27 Jan 2018"},{"key":"19_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-20550-2_1","volume-title":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Kharraz","year":"2015","unstructured":"Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the Gordian Knot: a look under the hood of ransomware attacks. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 3\u201324. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-20550-2_1"},{"key":"19_CR6","doi-asserted-by":"crossref","unstructured":"Scaife, N., Carter, H., Traynor, P., Butler, K.R.: CryptoLock (and drop it): stopping ransomware attacks on user data. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 303\u2013312. IEEE (2016)","DOI":"10.1109\/ICDCS.2016.46"},{"key":"19_CR7","unstructured":"Kharraz, A., Arshad, S., Mulliner, C., Robertson, W.K., Kirda, E.: UNVEIL: a large-scale, automated approach to detecting ransomware. In: USENIX Security Symposium, pp. 757\u2013772 (2016)"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-319-66332-6_5","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"A Kharraz","year":"2017","unstructured":"Kharraz, A., Kirda, E.: Redemption: real-time protection against ransomware at end-hosts. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 98\u2013119. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_5"},{"key":"19_CR9","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-319-77028-4_15","volume-title":"Information Technology - New Generations","author":"SYA Fayi","year":"2018","unstructured":"Fayi, S.Y.A.: What Petya\/NotPetya ransomware is and what its remidiations are. In: Latifi, S. (ed.) Information Technology - New Generations. AISC, vol. 738, pp. 93\u2013100. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-77028-4_15"},{"key":"19_CR10","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/978-1-4842-1016-1_2","volume-title":"Windows File System Troubleshooting","author":"Mike Halsey","year":"2015","unstructured":"Halsey, M., Bettany, A.: Understanding windows file systems. In: Windows File System Troubleshooting, pp. 13\u201330. Apress, Berkeley (2015)"},{"key":"19_CR11","unstructured":"ESET vs Crypto-Ransomware: What, How and Why. https:\/\/cdn1.esetstatic.com\/ESET\/US\/resources\/white-papers\/WhitePaper_ESET-vs-Crypto-Ransomware.pdf. Accessed 7 Mar 2018"},{"issue":"3","key":"19_CR12","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/221296.221307","volume":"27","author":"D Barreau","year":"1995","unstructured":"Barreau, D., Nardi, B.A.: Finding and reminding: file organization from the desktop. ACM SigChi Bull. 27(3), 39\u201343 (1995)","journal-title":"ACM SigChi Bull."},{"issue":"3","key":"19_CR13","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1145\/1288783.1288788","volume":"3","author":"N Agrawal","year":"2007","unstructured":"Agrawal, N., Bolosky, W.J., Douceur, J.R., Lorch, J.R.: A five-year study of file-system metadata. ACM Trans. Storage (TOS) 3(3), 9 (2007)","journal-title":"ACM Trans. Storage (TOS)"},{"issue":"2","key":"19_CR14","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"Carsten Willems","year":"2007","unstructured":"Willems, C., Holz, T., Freiling, F.: Toward automated dynamic malware analysis using Cwsandbox. IEEE Secur. Priv. 5(2) (2007)","journal-title":"IEEE Security and Privacy Magazine"},{"key":"19_CR15","doi-asserted-by":"crossref","unstructured":"Layton, R., Watters, P.: Determining provenance in phishing websites using automated conceptual analysis. In: eCrime Researchers Summit, 2009, pp. 1\u20137. IEEE (2009)","DOI":"10.1109\/ECRIME.2009.5342614"},{"key":"19_CR16","doi-asserted-by":"publisher","first-page":"204","DOI":"10.1007\/978-3-642-33448-1_28","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Mamoun Alazab","year":"2012","unstructured":"Alazab, M., Venkatraman, S., Watters, P., Alazab, M., Alazab, A.: Cybercrime: the case of obfuscated malware. In: Georgiadis, C.K., Jahankhani, H., Pimenidis, E., Bashroush, R., Al-Nemrat, A. (eds.) Global Security, Safety and Sustainability e-Democracy, pp. 204\u2013211. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33448-1_28"}],"container-title":["Lecture Notes in Computer Science","Neural Information Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-04224-0_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T18:47:43Z","timestamp":1710269263000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-04224-0_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030042233","9783030042240"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-04224-0_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"18 November 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICONIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Neural Information Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Siem Reap","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cambodia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iconip2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/conference.cs.cityu.edu.hk\/iconip\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"575","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"401","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"70% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}