Shamir’s Secret Sharing and Ranflood: a Flooding Strategy against Crypto and Exfiltration Ransomware

With the large usage of data storage system, among cybercriminals also increases the employment of crypto and exfiltration ransomwares. At the same time, scientific research is always working on solutions to contrast them, and Data Flooding against Ransomware is one of these. Our work focused on one open-source project in particular implementing it, Ranflood, trying to expand it with a new, novel flooding strategy based on the Shamir's Secret Sharing, to address both crypto and exfiltration threats. Developed in 1979 to make a secret only available when a quorum of its parts is gathered together, Shamir's secret sharing is hereby applied to split a file in more parts, such that they constitute a flood against crypto ransomwares, and to make the original content only retrievable when enough of them are obtained, such that the exfiltration is less likely to succeed, while the victim can hopefully restore his data. This thesis goes through the mathematical details, the analysis of Ranflood, and then the implementation of our strategy, the made choices, computational analysis, intuitive tests and following conclusions.