摘要
勒索病毒近年逐渐发展成了恶意软件中最为突出的威胁,新的变种与技术不断涌现以绕过现存的杀毒软件和其他入侵检测方法。回顾勒索病毒的演化历程,深入剖析其功能结构与具体工作原理,重点聚焦于传播感染方式、C&C服务器连接、设备加密锁定、如何规避监管兑现勒索收益等相关方面。同时归纳总结了可行的一般性防范措施与常见的检测指标,对勒索病毒的发展趋势进行展望,并对一些现存问题及研究方向进行探讨。
Ransomware has gradually developed into the most prominent threat among malware in recent years. New varieties and technologies emerge to bypass the existing anti-virus software and other intrusion detection methods. This paper reviewed the evolution of ransomware, and analyzed its functional structure and working principle in depth. It focused on the transmission of infection, C&C server connection, device encryption and locking, and how to evade the regulation to cash extortion income. And we summarized the feasible preventive measures and common detection indicators. We looked forward to the development trend of ransomware, and some existing problems and research directions were also discussed.
作者
董昱宏
宋广佳
Dong Yuhong;Song Guangjia(School of Engineering and Technology,Jiyang College of Zhejiang A&F University,Zhuji 311800,Zhejiang,China)
出处
《计算机应用与软件》
北大核心
2023年第1期331-343,共13页
Computer Applications and Software
基金
浙江农林大学人才启动项目(JYRC201601)
浙江农林大学暨阳学院大学生科技创新计划项目(JYKC1904)。
关键词
恶意软件
勒索病毒
发展
表征
防范措施
Malware
Ransomware
Evolution
Characterization
Preventive measures
