An Impact Analysis of Damage Level caused by Malware with Dynamic Analysis Approach
DOI:
https://doi.org/10.21108/ijoict.v10i1.940
Keywords:
dynamic analysis, malware, ransomware, tracing
Abstract
Malware, short for malicious software, is software or code specifically designed to damage or disrupt
computer systems, or to gain unauthorized access to sensitive information. Classified by type,
one of the well-known types of malware is ransomware. Usually, ransomware encrypts
the files on a computer system and then demands a ransom from the owner of the computer
system so that the owner can regain access to the encrypted files. In some cases,
ransomware is able to delete files without input from the computer system owner. This research
analyzes three ransomware samples that are known for causing
losses to many computer systems throughout the world, namely WannaCry, Locky, and Jigsaw,
using a dynamic approach and tools that trace the processes carried out by the ransomware.
The purpose of this research is to rank the three samples from the highest to the lowest
level of damage, using metrics based on file access capabilities and file modification capabilities
for various types of files such as system files, boot-related files, program files, etc. The findings of
this research indicate that WannaCry has the highest impact, followed by Locky and then Jigsaw.
License
Manuscript submitted to IJoICT has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. Author(s) shall agree to assign all copyright of published article to IJoICT. Requests related to future re-use and re-publication of major or substantial parts of the article must be consulted with the editors of IJoICT.