{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:14:49Z","timestamp":1742912089398,"version":"3.40.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031575365"},{"type":"electronic","value":"9783031575372"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-57537-2_17","type":"book-chapter","created":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:02:38Z","timestamp":1713985358000},"page":"269-284","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Unmasking of\u00a0Maskware: Detection and\u00a0Prevention of\u00a0Next-Generation Mobile Crypto-Ransomware"],"prefix":"10.1007","author":[{"given":"Farnood","family":"Faghihi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammad","family":"Zulkernine","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Steven","family":"Ding","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,4,25]]},"reference":[{"key":"17_CR1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-89025-4","volume-title":"Deep Learning Techniques for IoT Security and Privacy","author":"M Abdel-Basset","year":"2022","unstructured":"Abdel-Basset, M., Moustafa, N., Hawash, H., Ding, W.: Deep Learning Techniques for IoT Security and Privacy. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-89025-4"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Bajpai, P., Enbody, R.: An empirical study of key generation in cryptographic ransomware. In: 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1\u20138. IEEE (2020)","DOI":"10.1109\/CyberSecurity49315.2020.9138878"},{"key":"17_CR3","doi-asserted-by":"publisher","first-page":"144925","DOI":"10.1109\/ACCESS.2019.2945839","volume":"7","author":"E Berrueta","year":"2019","unstructured":"Berrueta, E., Morato, D., Maga\u00f1a, E., Izal, M.: A survey on detection techniques for cryptographic ransomware. IEEE Access 7, 144925\u2013144944 (2019)","journal-title":"IEEE Access"},{"key":"17_CR4","unstructured":"Canadian Centre for Cyber Security: National cyber threat assessment (2020). https:\/\/cyber.gc.ca\/en\/guidance\/national-cyber-threat-assessment-2020. Accessed Dec 2021"},{"issue":"5","key":"17_CR5","doi-asserted-by":"publisher","first-page":"1286","DOI":"10.1109\/TIFS.2017.2787905","volume":"13","author":"J Chen","year":"2017","unstructured":"Chen, J., Wang, C., Zhao, Z., Chen, K., Du, R., Ahn, G.J.: Uncovering the face of android ransomware: characterization and real-time detection. IEEE Trans. Inf. Forensics Secur. 13(5), 1286\u20131300 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Continella, A., et al.: Shieldfs: a self-healing, ransomware-aware filesystem. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 336\u2013347 (2016)","DOI":"10.1145\/2991079.2991110"},{"key":"17_CR7","unstructured":"Darwin, I.F.: File - Linux man page (2008). https:\/\/linux.die.net\/man\/1\/file. Accessed Dec 2021"},{"key":"17_CR8","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102377","volume":"108","author":"SR Davies","year":"2021","unstructured":"Davies, S.R., Macfarlane, R., Buchanan, W.J.: Differential area analysis for ransomware attack detection within mixed file datasets. Comput. Secur. 108, 102377 (2021)","journal-title":"Comput. Secur."},{"key":"17_CR9","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108011","volume":"191","author":"F Faghihi","year":"2021","unstructured":"Faghihi, F., Zulkernine, M.: Ransomcare: data-centric detection and mitigation against smartphone crypto-ransomware. Comput. Netw. 191, 108011 (2021)","journal-title":"Comput. Netw."},{"key":"17_CR10","unstructured":"Financial Crimes Enforcement Network, US Treasury: Financial trend analysis (2020). Accessed Dec 2021"},{"key":"17_CR11","doi-asserted-by":"crossref","unstructured":"Hicks, B.J., Dong, A., Palmer, R., Mcalpine, H.C.: Organizing and managing personal electronic files: a mechanical engineer\u2019s perspective. ACM Trans. Inf. Syst. 26(4) (2008)","DOI":"10.1145\/1402256.1402262"},{"key":"17_CR12","unstructured":"Kaspersky Lab: The onion ransomware (encryption trojan) (2021). https:\/\/www.kaspersky.com\/resource-center\/threats\/onion-ransomware-virus-threat. Accessed Dec 2021"},{"key":"17_CR13","unstructured":"Kharaz, A., Arshad, S., Mulliner, C., Robertson, W., Kirda, E.: $$\\{$$UNVEIL$$\\}$$: a large-scale, automated approach to detecting ransomware. In: 25th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 16), pp. 757\u2013772 (2016)"},{"key":"17_CR14","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/978-3-030-30143-9_11","volume-title":"Pervasive Systems, Algorithms and Networks","author":"K Lee","year":"2019","unstructured":"Lee, K., Lee, S.-Y., Yim, K.: Effective ransomware detection using entropy estimation of files for cloud services. In: Esposito, C., Hong, J., Choo, K.-K.R. (eds.) I-SPAN 2019. CCIS, vol. 1080, pp. 133\u2013139. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-30143-9_11"},{"key":"17_CR15","unstructured":"Lessing, M.: Case study: archievus ransomware (2020). https:\/\/www.sdxcentral.com\/security\/definitions\/case-study-archievus-ransomware\/. Accessed Dec 2021"},{"key":"17_CR16","unstructured":"Sophos Ltd.: Lockfile ransomware\u2019s box of tricks: intermittent encryption and evasion (2021). https:\/\/news.sophos.com\/en-us\/2021\/08\/27\/lockfile-ransomwares-box-of-tricks-intermittent-encryption-and-evasion\/. Accessed Dec 2021"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"May, M.J., Laron, E.: Combating ransomware using content analysis and complex file events. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1\u20135. IEEE (2019)","DOI":"10.1109\/NTMS.2019.8763851"},{"key":"17_CR18","unstructured":"McAfee: An analysis of the wannacry ransomware outbreak (2017). https:\/\/www.mcafee.com\/blogs\/other-blogs\/executive-perspectives\/analysis-wannacry-ransomware-outbreak\/. Accessed Dec 2021"},{"key":"17_CR19","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-030-36802-9_20","volume-title":"Neural Information Processing","author":"T McIntosh","year":"2019","unstructured":"McIntosh, T., Jang-Jaccard, J., Watters, P., Susnjak, T.: The inadequacy of entropy-based ransomware detection. In: Gedeon, T., Wong, K.W., Lee, M. (eds.) ICONIP 2019. CCIS, vol. 1143, pp. 181\u2013189. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-36802-9_20"},{"key":"17_CR20","doi-asserted-by":"publisher","first-page":"568","DOI":"10.1016\/j.future.2020.09.035","volume":"115","author":"T McIntosh","year":"2021","unstructured":"McIntosh, T., Watters, P., Kayes, A., Ng, A., Chen, Y.P.P.: Enforcing situation-aware access control to build malware-resilient file systems. Futur. Gener. Comput. Syst. 115, 568\u2013582 (2021)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"17_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/978-3-030-00470-5_6","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"S Mehnaz","year":"2018","unstructured":"Mehnaz, S., Mudgerikar, A., Bertino, E.: RWGuard: a real-time detection system against cryptographic ransomware. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds.) RAID 2018. LNCS, vol. 11050, pp. 114\u2013136. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-00470-5_6"},{"key":"17_CR22","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/978-3-642-15506-2_15","volume-title":"Advances in Digital Forensics VI","author":"V Roussev","year":"2010","unstructured":"Roussev, V.: Data fingerprinting with similarity digests. In: Chow, K.-P., Shenoi, S. (eds.) DigitalForensics 2010. IAICT, vol. 337, pp. 207\u2013226. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15506-2_15"},{"key":"17_CR23","doi-asserted-by":"crossref","unstructured":"Scaife, N., Carter, H., Traynor, P., Butler, K.R.: Cryptolock (and drop it): stopping ransomware attacks on user data. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 303\u2013312. IEEE (2016)","DOI":"10.1109\/ICDCS.2016.46"},{"key":"17_CR24","unstructured":"Sjouwerman, S.: The evolution of mobile ransomware (2020). https:\/\/blog.knowbe4.com\/evolution-of-mobile-ransomware. Accessed Dec 2021"},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Sullivan, G.J., Wiegand, T.: Video compression-from concepts to the h. 264\/avc standard. Proc. IEEE 93(1), 18\u201331 (2005)","DOI":"10.1109\/JPROC.2004.839617"},{"key":"17_CR26","unstructured":"Varonis: Ransomware statistics, data, trends and facts (2020). https:\/\/www.varonis.com\/blog\/ransomware-statistics-2021\/. Accessed Dec 2021"},{"key":"17_CR27","unstructured":"Varonis: Return of the darkside: analysis of a large-scale data theft campaign (2021). https:\/\/www.varonis.com\/blog\/darkside-ransomware. Accessed Dec 2021"},{"issue":"2","key":"17_CR28","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3423096","volume":"30","author":"B Wu","year":"2021","unstructured":"Wu, B., et al.: Why an android app is classified as malware: toward malware classification interpretation. ACM Trans. Softw. Eng. Methodol. (TOSEM) 30(2), 1\u201329 (2021)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"key":"17_CR29","unstructured":"Xia, T., Sun, Y., Zhu, S., Rasheed, Z., Shafique, K.: Toward a network-assisted approach for effective ransomware detection. arXiv preprint arXiv:2008.12428 (2020)"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-57537-2_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,24]],"date-time":"2024-04-24T19:05:20Z","timestamp":1713985520000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-57537-2_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031575365","9783031575372"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-57537-2_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"25 April 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bordeaux","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-2023.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}