Cryptoviral extortion using Microsoft's Crypto API.
Saved in:
| Title: | Cryptoviral extortion using Microsoft's Crypto API. |
|---|---|
| Authors: | Young, Adam adamy@acm.org |
| Source: | International Journal of Information Security. 2006, Vol. 5 Issue 2, p67-76. 10p. 1 Diagram, 1 Chart. |
| Subjects: | Computer security, Microsoft Windows device drivers (Computer programs), Data protection, Data encryption, Computer viruses, Computer network security |
| Abstract: | This paper presents the experimental results that were obtained by implementing the payload of a cryptovirus on the Microsoft Windows platform. The attack is based entirely on the Microsoft Cryptographic API and the needed API calls are covered in detail. More specifically, it is shown that by using eight types of API calls and 72 lines of C code, the payload can hybrid encrypt sensitive data and hold it hostage. Benchmarks are also given. A novel countermeasure against cryptoviral extortion attacks is shown that forces the API caller to demonstrate that an authorized party can recover the asymmetrically encrypted data. [ABSTRACT FROM AUTHOR] |
| Copyright of International Journal of Information Security is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
| FullText | Links: – Type: pdflink Text: Availability: 0 |
|---|---|
| Header | DbId: egs DbLabel: Engineering Source An: 20559454 AccessLevel: 6 PubType: Academic Journal PubTypeId: academicJournal PreciseRelevancyScore: 0 |
| IllustrationInfo | |
| Items | – Name: Title Label: Title Group: Ti Data: Cryptoviral extortion using Microsoft's Crypto API. – Name: Author Label: Authors Group: Au Data: <searchLink fieldCode="AR" term="%22Young%2C+Adam%22">Young, Adam</searchLink><i> adamy@acm.org</i> – Name: TitleSource Label: Source Group: Src Data: <searchLink fieldCode="JN" term="%22International+Journal+of+Information+Security%22">International Journal of Information Security</searchLink>. 2006, Vol. 5 Issue 2, p67-76. 10p. 1 Diagram, 1 Chart. – Name: Subject Label: Subjects Group: Su Data: <searchLink fieldCode="DE" term="%22Computer+security%22">Computer security</searchLink><br /><searchLink fieldCode="DE" term="%22Microsoft+Windows+device+drivers+%28Computer+programs%29%22">Microsoft Windows device drivers (Computer programs)</searchLink><br /><searchLink fieldCode="DE" term="%22Data+protection%22">Data protection</searchLink><br /><searchLink fieldCode="DE" term="%22Data+encryption%22">Data encryption</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+viruses%22">Computer viruses</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+network+security%22">Computer network security</searchLink> – Name: Abstract Label: Abstract Group: Ab Data: This paper presents the experimental results that were obtained by implementing the payload of a cryptovirus on the Microsoft Windows platform. The attack is based entirely on the Microsoft Cryptographic API and the needed API calls are covered in detail. More specifically, it is shown that by using eight types of API calls and 72 lines of C code, the payload can hybrid encrypt sensitive data and hold it hostage. Benchmarks are also given. A novel countermeasure against cryptoviral extortion attacks is shown that forces the API caller to demonstrate that an authorized party can recover the asymmetrically encrypted data. [ABSTRACT FROM AUTHOR] – Name: AbstractSuppliedCopyright Label: Group: Ab Data: <i>Copyright of International Journal of Information Security is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.) |
| PLink | https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=20559454 |
| RecordInfo | BibRecord: BibEntity: Identifiers: – Type: doi Value: 10.1007/s10207-006-0082-7 Languages: – Code: eng Text: English PhysicalDescription: Pagination: PageCount: 10 StartPage: 67 Subjects: – SubjectFull: Computer security Type: general – SubjectFull: Microsoft Windows device drivers (Computer programs) Type: general – SubjectFull: Data protection Type: general – SubjectFull: Data encryption Type: general – SubjectFull: Computer viruses Type: general – SubjectFull: Computer network security Type: general Titles: – TitleFull: Cryptoviral extortion using Microsoft's Crypto API. Type: main BibRelationships: HasContributorRelationships: – PersonEntity: Name: NameFull: Young, Adam IsPartOfRelationships: – BibEntity: Dates: – D: 01 M: 03 Text: 2006 Type: published Y: 2006 Identifiers: – Type: issn-print Value: 16155262 Numbering: – Type: volume Value: 5 – Type: issue Value: 2 Titles: – TitleFull: International Journal of Information Security Type: main |
| ResultId | 1 |