Search for: All records

In recent years, ransomware has established itself as one of the most persistent and devastating threats in cybersecurity. Traditionally, these attacks have focused on data at rest, encrypting files and demanding a ransom for their recovery. However, an alarming trend has emerged: ransomware for attacks to data in motion. This data, which includes information transmitted over networks, is critical to the day-to-day operations of organizations and often receives less protection than stored data. This paper aims to explore and characterize these new ransomware threats for attacks to data in motion. It also aims to test the feasibility of these attacks through the creation and implementation of a laboratory environment, as well as to analyze the potential consequences (based on likelihood and impact assessments) of such attacks if they were to be carried out, providing a comprehensive view of the potential emerging risks and warning of the need to create tools for the prevention, detection and mitigation of these attacks. 

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to detect misuses. To compare their accuracy and security guarantees, we develop two comprehensive benchmarks named CryptoAPI-Bench and ApacheCryptoAPI-Bench. CryptoAPI-Bench consists of 181 unit test cases that cover basic cases, as well as complex cases, including interprocedural, field sensitive, multiple class test cases, and path sensitive data flow of misuse cases. The benchmark also includes correct cases for testing false-positive rates. The ApacheCryptoAPI-Bench consists of 121 cryptographic cases from 10 Apache projects. We evaluate four tools, namely, SpotBugs, CryptoGuard, CrySL, and another tool (anonymous) using both benchmarks. We present their performance and comparative analysis. The ApacheCryptoAPI-Bench also examines the scalability of the tools. Our benchmarks are useful for advancing state-of-the-art solutions in the space of misuse detection.