{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:23:57Z","timestamp":1757618637617,"version":"3.44.0"},"publisher-location":"Cham","reference-count":15,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031976193"},{"type":"electronic","value":"9783031976209"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-97620-9_12","type":"book-chapter","created":{"date-parts":[[2025,7,10]],"date-time":"2025-07-10T09:24:36Z","timestamp":1752139476000},"page":"213-219","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Poster: Extracting Cryptographic Keys from\u00a0Windows Live Processes"],"prefix":"10.1007","author":[{"given":"Le\u00f3n","family":"Abascal","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7982-0359","authenticated-orcid":false,"given":"Ricardo J.","family":"Rodr\u00edguez","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,10]]},"reference":[{"key":"12_CR1","doi-asserted-by":"crossref","unstructured":"Aboud, M.A., Mariyappn, K.: Investigation of modern ransomware key generation methods: a review. In: 2021 International Conference on Computer Communication and Informatics (ICCCI), pp.\u00a01\u20135, January 2021","DOI":"10.1109\/ICCCI50826.2021.9402680"},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"Bajpai, P., Enbody, R.: An empirical study of key generation in cryptographic ransomware. In: 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp.\u00a01\u20138, June 2020","DOI":"10.1109\/CyberSecurity49315.2020.9138878"},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Bajpai, P., Sood, A.K., Enbody, R.: A key-management-based taxonomy for Ransomware. In: 2018 APWG Symposium on Electronic Crime Research (eCrime), pp. 1\u201312, May 2018","DOI":"10.1109\/ECRIME.2018.8376213"},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"Cawthra, J., Ekstrom, M., Lusty, L., Sexton, J., Sweetnam, J.: Data integrity: identifying and protecting assets against ransomware and other destructive events, December 2020. https:\/\/csrc.nist.gov\/pubs\/sp\/1800\/25\/final. Accessed 30 Jan 2025","DOI":"10.6028\/NIST.SP.1800-25"},{"key":"12_CR5","unstructured":"Cisco: Cisco cyber threat trends report: from trojan takeovers to ransomware roulette, June 2024. https:\/\/learn-cloudsecurity.cisco.com\/umbrella-library\/cyber-threat-trends-report. Accessed 9 April 2025"},{"key":"12_CR6","unstructured":"CrowdStrike: CrowdStrike 2025 global threat report, February 2025. https:\/\/go.crowdstrike.com\/rs\/281-OBQ-266\/images\/CrowdStrikeGlobalThreatReport2025.pdf. Accessed 9 Apr 2025"},{"key":"12_CR7","unstructured":"European Union Agency for Cybersecurity: ENISA Threat Landscape 2024, September 2024. https:\/\/www.enisa.europa.eu\/sites\/default\/files\/2024-11\/ENISA%20Threat%20Landscape%202024_0.pdf. Accessed 9 Apr 2025"},{"key":"12_CR8","doi-asserted-by":"publisher","unstructured":"Gen\u00e7, Z.A., Lenzini, G., Ryan, P.Y.: Security analysis of key acquiring strategies used by cryptographic ransomware. In: Proceedings of the Central European Cybersecurity Conference 2018. CECC 2018. Association for Computing Machinery, New York, NY, USA (2018). https:\/\/doi.org\/10.1145\/3277570.3277577","DOI":"10.1145\/3277570.3277577"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Hsiao, S.C., Kao, D.Y.: The static analysis of WannaCry ransomware. In: 2018 20th International Conference on Advanced Communication Technology (ICACT), pp. 153\u2013158 (2018)","DOI":"10.23919\/ICACT.2018.8323680"},{"key":"12_CR10","unstructured":"Ligh, M.H., Case, A., Levy, J., Walters, A.: The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory, 1st edn. Wiley Publishing (2014)"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Maartmann-Moe, C., Thorkildsen, S.E., \u00c5rnes, A.: The persistence of memory: forensic identification and extraction of cryptographic keys. Digit. Invest. 6, S132\u2013S140 (2009). The Proceedings of the Ninth Annual DFRWS Conference","DOI":"10.1016\/j.diin.2009.06.002"},{"key":"12_CR12","unstructured":"Mark Vincent Yason: Windows 10 Segment Heap Internals (2016). https:\/\/www.blackhat.com\/docs\/us-16\/materials\/us-16-Yason-Windows-10-Segment-Heap-Internals.pdf. Accessed 1 Apr 2025"},{"key":"12_CR13","unstructured":"Microsoft Learn: BLOBHEADER structure, February 2021. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/wincrypt\/ns-wincrypt-publickeystruc. Accessed 30 Jan 2025"},{"key":"12_CR14","unstructured":"Microsoft Learn: CryptExportKey function, October 2021. https:\/\/learn.microsoft.com\/en-us\/windows\/win32\/api\/wincrypt\/nf-wincrypt-cryptexportkey. Accessed 30 Jan 2025"},{"key":"12_CR15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102388","volume":"109","author":"J Yuste","year":"2021","unstructured":"Yuste, J., Pastrana, S.: Avaddon ransomware: an in-depth analysis and decryption of infected systems. Comput. Secur. 109, 102388 (2021)","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-97620-9_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T01:43:57Z","timestamp":1757209437000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-97620-9_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031976193","9783031976209"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-97620-9_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"10 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Graz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Austria","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 July 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva.org\/dimva2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}