{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T15:33:31Z","timestamp":1774539211777,"version":"3.50.1"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319934105","type":"print"},{"value":"9783319934112","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-93411-2_11","type":"book-chapter","created":{"date-parts":[[2018,6,7]],"date-time":"2018-06-07T11:49:28Z","timestamp":1528372168000},"page":"234-255","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["No Random, No Ransom: A Key to Stop Cryptographic Ransomware"],"prefix":"10.1007","author":[{"given":"Ziya Alper","family":"Gen\u00e7","sequence":"first","affiliation":[]},{"given":"Gabriele","family":"Lenzini","sequence":"additional","affiliation":[]},{"given":"Peter Y. A.","family":"Ryan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,6,8]]},"reference":[{"key":"11_CR1","unstructured":"Debian Security Advisory: DSA-1571-1 OpenSSL - predictable random number generator, May 2008. http:\/\/www.debian.org\/security\/2008\/dsa-1571 . Accessed 17 July 2017"},{"key":"11_CR2","unstructured":"Juniper Networks: Out of cycle security bulletin, December 2015. https:\/\/kb.juniper.net\/InfoCenter\/index?page=content&id=JSA10713 . Accessed 17 July 2017"},{"key":"11_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-642-10366-7_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"M Bellare","year":"2009","unstructured":"Bellare, M., Brakerski, Z., Naor, M., Ristenpart, T., Segev, G., Shacham, H., Yilek, S.: Hedged public-key encryption: how to protect against bad randomness. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 232\u2013249. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_14"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Bradner, S.: Key words for use in RFCs to Indicate Requirement Levels. BCP 14, RFC Editor, March 1997. http:\/\/www.rfc-editor.org\/rfc\/rfc2119.txt , http:\/\/www.rfc-editor.org\/rfc\/rfc2119.txt","DOI":"10.17487\/rfc2119"},{"key":"11_CR5","unstructured":"Bromium: Understanding Crypto-Ransomware (2015). https:\/\/www.bromium.com\/sites\/default\/files\/rpt-bromium-crypto-ransomware-us-en.pdf"},{"issue":"4","key":"11_CR6","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1109\/MC.2011.115","volume":"44","author":"TM Chen","year":"2011","unstructured":"Chen, T.M., Abu-Nimeh, S.: Lessons from stuxnet. Computer 44(4), 91\u201393 (2011)","journal-title":"Computer"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Continella, A., Guagnelli, A., Zingaro, G., De Pasquale, G., Barenghi, A., Zanero, S., Maggi, F.: ShieldFS: a self-healing, ransomware-aware filesystem. In: Proceedings of the 32Nd Annual Conference on Computer Security Applications, pp. 336\u2013347. ACSAC 2016. ACM, New York (2016)","DOI":"10.1145\/2991079.2991110"},{"key":"11_CR8","unstructured":"Cybersecurity Ventures: Ransomware Damage Report (2017). https:\/\/cybersecurityventures.com\/ransomware-damage-report-2017-part-2\/"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Ong, S.J., Prabhakaran, M., Sahai, A.: On the (im)possibility of cryptography with imperfect randomness. In: 45th Annual IEEE Symposium on Foundations of Computer Science, pp. 196\u2013205, October 2004","DOI":"10.1109\/FOCS.2004.44"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Douceur, J.R., Adya, A., Bolosky, W.J., Simon, D., Theimer, M.: Reclaiming space from duplicate files in a serverless distributed file system. In: Proceedings of the 22nd International Conference on Distributed Computing Systems (ICDCS 2002), pp. 617. ICDCS 2002. IEEE Computer Society, Washington, DC, USA (2002)","DOI":"10.1109\/ICDCS.2002.1022312"},{"key":"11_CR11","unstructured":"Gammons, B.: 4 Surprising Backup Failure Statistics that Justify Additional Protection, January 2017. https:\/\/blog.barkly.com\/backup-failure-statistics . Accessed 17 July 2017"},{"key":"11_CR12","volume-title":"Writing Secure Code. Developer Best Practices","author":"M Howard","year":"2004","unstructured":"Howard, M., Le Blanc, D.: Writing Secure Code. Developer Best Practices, 2nd edn. Microsoft Press, Cambridge (2004)","edition":"2"},{"key":"11_CR13","unstructured":"Kharaz, A., Arshad, S., Mulliner, C., Robertson, W., Kirda, E.: Unveil: a large-scale, automated approach to detecting ransomware. In: 25th USENIX Security Symposium (USENIX Security 2016), pp. 757\u2013772. USENIX Association, Austin, TX (2016)"},{"key":"11_CR14","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-319-66332-6_5","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"A Kharraz","year":"2017","unstructured":"Kharraz, A., Kirda, E.: Redemption: real-time protection against ransomware at end-hosts. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) Research in Attacks, Intrusions, and Defenses, pp. 98\u2013119. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66332-6_5"},{"key":"11_CR15","doi-asserted-by":"crossref","unstructured":"Kolodenker, E., Koch, W., Stringhini, G., Egele, M.: Paybreak: defense against cryptographic ransomware. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 599\u2013611. ASIA CCS 2017. ACM, New York (2017)","DOI":"10.1145\/3052973.3053035"},{"key":"11_CR16","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1007\/978-3-319-58967-1_12","volume-title":"Big Data Technologies and Applications","author":"K Lee","year":"2017","unstructured":"Lee, K., Oh, I., Yim, K.: Ransomware-prevention technique using key backup. In: Jung, J.J., Kim, P. (eds.) Big Data Technologies and Applications, vol. 194, pp. 105\u2013114. Springer International Publishing, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-58967-1_12"},{"key":"11_CR17","unstructured":"Microsoft: Working with the AppInit_DLLs registry value, November 2006. https:\/\/support.microsoft.com\/en-us\/help\/197571\/working-with-theappinit-dlls-registry-value"},{"key":"11_CR18","unstructured":"Microsoft Corporation: Windows Authenticode Portable Executable Signature Format. Technical report, March 2008. http:\/\/download.microsoft.com\/download\/9\/c\/5\/9c5b2167-8017-4bae-9fde-d599bac8184a\/Authenticode_PE.docx"},{"key":"11_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1007\/978-3-319-54876-0_2","volume-title":"Risks and Security of Internet and Systems","author":"A Palisse","year":"2017","unstructured":"Palisse, A., Le Bouder, H., Lanet, J.-L., Le Guernic, C., Legay, A.: Ransomware and the legacy Crypto API. In: Cuppens, F., Cuppens, N., Lanet, J.-L., Legay, A. (eds.) CRiSIS 2016. LNCS, vol. 10158, pp. 11\u201328. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-54876-0_2"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Scaife, N., Carter, H., Traynor, P., Butler, K.R.B.: Cryptolock (and drop it): stopping ransomware attacks on user data. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 303\u2013312, June 2016","DOI":"10.1109\/ICDCS.2016.46"},{"key":"11_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/978-3-319-45719-2_11","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"M Sebasti\u00e1n","year":"2016","unstructured":"Sebasti\u00e1n, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: a tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 230\u2013253. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45719-2_11"},{"key":"11_CR22","unstructured":"Soeder, D., Abad, C., Acevedo, G.: Black-box assessment of pseudorandom algorithms. Black Hat USA (2013). https:\/\/media.blackhat.com\/us-13\/US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-WP.pdf"},{"key":"11_CR23","unstructured":"Szor, P.: Duqu-Threat Research and Analysis, November 2011. https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2011\/10\/Duqu.pdf"},{"key":"11_CR24","unstructured":"US Department of Justice: How to Protect your Networks from Ransomware (2016). https:\/\/www.justice.gov\/criminal-ccips\/file\/872771\/download"},{"key":"11_CR25","unstructured":"VirusTotal: Scan report, June 2017. https:\/\/virustotal.com\/en\/file\/81fdbf04f3d0d9a85e0fbb092e257a2dda14c5d783f1c8bf3bc41038e0a78688\/analysis\/"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-93411-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T01:01:31Z","timestamp":1751677291000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-93411-2_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319934105","9783319934112"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-93411-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"8 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Saclay","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dimva2018.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}