Shamir’s Secret Sharing and Ranflood: a Flooding Strategy against Crypto and Exfiltration Ransomware

D'Ugo, Daniele (2024) Shamir’s Secret Sharing and Ranflood: a Flooding Strategy against Crypto and Exfiltration Ransomware. [Laurea], Università di Bologna, Corso di Studio in Informatica [L-DM270]
Documenti full-text disponibili:
[thumbnail of Thesis] Documento PDF (Thesis)
Disponibile con Licenza: Creative Commons: Attribuzione - Condividi allo stesso modo 4.0 (CC BY-SA 4.0)

Download (546kB)

Abstract

With the large usage of data storage system, among cybercriminals also increases the employment of crypto and exfiltration ransomwares. At the same time, scientific research is always working on solutions to contrast them, and Data Flooding against Ransomware is one of these. Our work focused on one open-source project in particular implementing it, Ranflood, trying to expand it with a new, novel flooding strategy based on the Shamir's Secret Sharing, to address both crypto and exfiltration threats. Developed in 1979 to make a secret only available when a quorum of its parts is gathered together, Shamir's secret sharing is hereby applied to split a file in more parts, such that they constitute a flood against crypto ransomwares, and to make the original content only retrievable when enough of them are obtained, such that the exfiltration is less likely to succeed, while the victim can hopefully restore his data. This thesis goes through the mathematical details, the analysis of Ranflood, and then the implementation of our strategy, the made choices, computational analysis, intuitive tests and following conclusions.

Abstract
Tipologia del documento
Tesi di laurea (Laurea)
Autore della tesi
D'Ugo, Daniele
Relatore della tesi
Scuola
Corso di studio
Ordinamento Cds
DM270
Parole chiave
shamir,polynomials,finite-fields,java,open-source,ransomware,exfiltration,crypto,cybersecurity,shamirs-secret-sharing,malware,flooding
Data di discussione della Tesi
10 Luglio 2024
URI

Altri metadati

Statistica sui download

Gestione del documento: Visualizza il documento

^