This HTML5 document contains 39 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

PrefixIRI
dctermshttp://purl.org/dc/terms/
n2https://kar.kent.ac.uk/id/eprint/
wdrshttp://www.w3.org/2007/05/powder-s#
n7http://purl.org/ontology/bibo/status/
dchttp://purl.org/dc/elements/1.1/
n18https://kar.kent.ac.uk/92302/
rdfshttp://www.w3.org/2000/01/rdf-schema#
n16https://kar.kent.ac.uk/id/subject/
n12https://demo.openlinksw.com/about/id/entity/https/raw.githubusercontent.com/annajordanous/CO644Files/main/
n5http://eprints.org/ontology/
n15https://kar.kent.ac.uk/id/eprint/92302#
bibohttp://purl.org/ontology/bibo/
n10https://kar.kent.ac.uk/id/publication/
n9https://kar.kent.ac.uk/id/org/
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n20doi:10.1016/
owlhttp://www.w3.org/2002/07/owl#
n4https://kar.kent.ac.uk/id/document/
n14https://kar.kent.ac.uk/id/
xsdhhttp://www.w3.org/2001/XMLSchema#
n21https://demo.openlinksw.com/about/id/entity/https/www.cs.kent.ac.uk/people/staff/akj22/materials/CO644/
n13https://kar.kent.ac.uk/id/person/

Statements

Subject Item
n2:92302
rdf:type
n5:EPrint bibo:Article n5:ArticleEPrint bibo:AcademicArticle
rdfs:seeAlso
n18:
owl:sameAs
n20:j.cose.2021.102469
n5:hasAccepted
n4:3258045
n5:hasDocument
n4:3258220 n4:3258055 n4:3258056 n4:3258057 n4:3258058 n4:3258054 n4:3258045 n4:3258225 n4:3258221 n4:3258222 n4:3258223 n4:3258224
n5:hasPublished
n4:3258220
dc:hasVersion
n4:3258045 n4:3258220
dcterms:title
On the Effectiveness of Ransomware Decryption Tools
wdrs:describedby
n12:export_kar_RDFN3.n3 n21:export_kar_RDFN3.n3
dcterms:date
2021-12
dcterms:creator
n13:ext-burak.filiz@alumni.sabanciuniv.edu n13:ext-j.c.hernandez-castro@kent.ac.uk n13:ext-b.arief@kent.ac.uk n13:ext-orcun.cetin@sabanciuniv.edu
bibo:status
n7:peerReviewed n7:published
dcterms:publisher
n9:ext-f308aad1ef8f70546c3a197f104f2ad5
bibo:abstract
Ransomware is a type of malware that locks out its victim’s access to their device or data – typically by encrypting files – and demands payment in exchange of restoring access. To fight the increasing threat posed by ransomware, security researchers and practitioners have developed decryption tools. These tools aim to help victims in recovering their data, generally by decrypting the compromised files without paying the ransom. Unfortunately, there has been minimal research on the effectiveness of decryption and recovery tools. There is a scant understanding regarding the extent to which these tools can actually recover compromised data. The research presented in this work aims to cover this gap by providing an empirical study on these tools’ effectiveness – in terms of decrypting and restoring compromised data. For doing so, we tested a total of 78 tools created by 11 security companies against 61 ransomware samples. That allows us to present an in-depth critical discussion of the real effectiveness of the recovery tools studied. We found that nearly half of the tools fail to recover compromised data satisfactorily. We conclude that there is still a lot of work to be done before these tools can make a real positive impact on ransomware victims. We finish our work by offering some additional insights and recommendations that could help in improving the effectiveness of ransomware decryption tools.
dcterms:isPartOf
n10:ext-01674048 n14:repository
dcterms:subject
n16:QA
bibo:authorList
n15:authors
bibo:volume
111