Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF

Descripción del Articulo

El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.
Detalles Bibliográficos
Autores: Torres-Calderon, Hector, Velasquez, Marco, Mauricio, David
Formato: artículo
Fecha de Publicación:2021
Institución:Universidad Peruana de Ciencias Aplicadas
Repositorio:UPC-Institucional
Lenguaje:inglés
OAI Identifier:oai:repositorioacademico.upc.edu.pe:10757/657880
Enlace del recurso:http://hdl.handle.net/10757/657880
Nivel de acceso:acceso embargado
Materia:Crypto-ransomware
Cybersecurity
Method
NIST
Security Policies
id UUPC_197119b3f5ed0f53ff7db3456b2bce81
oai_identifier_str oai:repositorioacademico.upc.edu.pe:10757/657880
network_acronym_str UUPC
network_name_str UPC-Institucional
repository_id_str 2670
dc.title.es_PE.fl_str_mv Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
title Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
spellingShingle Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
Torres-Calderon, Hector
Crypto-ransomware
Cybersecurity
Method
NIST
Security Policies
title_short Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
title_full Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
title_fullStr Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
title_full_unstemmed Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
title_sort Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
author Torres-Calderon, Hector
author_facet Torres-Calderon, Hector
Velasquez, Marco
Mauricio, David
author_role author
author2 Velasquez, Marco
Mauricio, David
author2_role author
author
dc.contributor.author.fl_str_mv Torres-Calderon, Hector
Velasquez, Marco
Mauricio, David
dc.subject.es_PE.fl_str_mv Crypto-ransomware
Cybersecurity
Method
NIST
Security Policies
topic Crypto-ransomware
Cybersecurity
Method
NIST
Security Policies
description El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.
publishDate 2021
dc.date.accessioned.none.fl_str_mv 2021-11-02T16:38:20Z
dc.date.available.none.fl_str_mv 2021-11-02T16:38:20Z
dc.date.issued.fl_str_mv 2022-01-01
dc.type.es_PE.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.issn.none.fl_str_mv 21903018
dc.identifier.doi.none.fl_str_mv 10.1007/978-981-16-3637-0_26
dc.identifier.uri.none.fl_str_mv http://hdl.handle.net/10757/657880
dc.identifier.eissn.none.fl_str_mv 21903026
dc.identifier.journal.es_PE.fl_str_mv Smart Innovation, Systems and Technologies
dc.identifier.eid.none.fl_str_mv 2-s2.0-85116922763
dc.identifier.scopusid.none.fl_str_mv SCOPUS_ID:85116922763
dc.identifier.isni.none.fl_str_mv 0000 0001 2196 144X
identifier_str_mv 21903018
10.1007/978-981-16-3637-0_26
21903026
Smart Innovation, Systems and Technologies
2-s2.0-85116922763
SCOPUS_ID:85116922763
0000 0001 2196 144X
url http://hdl.handle.net/10757/657880
dc.language.iso.es_PE.fl_str_mv eng
language eng
dc.relation.url.es_PE.fl_str_mv https://link.springer.com/chapter/10.1007/978-981-16-3637-0_26
dc.rights.es_PE.fl_str_mv info:eu-repo/semantics/embargoedAccess
eu_rights_str_mv embargoedAccess
dc.format.es_PE.fl_str_mv application/html
dc.publisher.es_PE.fl_str_mv Springer Science and Business Media Deutschland GmbH
dc.source.none.fl_str_mv reponame:UPC-Institucional
instname:Universidad Peruana de Ciencias Aplicadas
instacron:UPC
instname_str Universidad Peruana de Ciencias Aplicadas
instacron_str UPC
institution UPC
reponame_str UPC-Institucional
collection UPC-Institucional
dc.source.journaltitle.none.fl_str_mv Smart Innovation, Systems and Technologies
dc.source.volume.none.fl_str_mv 237
dc.source.beginpage.none.fl_str_mv 365
dc.source.endpage.none.fl_str_mv 380
bitstream.url.fl_str_mv https://repositorioacademico.upc.edu.pe/bitstream/10757/657880/1/license.txt
bitstream.checksum.fl_str_mv 8a4605be74aa9ea9d79846c1fba20a33
bitstream.checksumAlgorithm.fl_str_mv MD5
repository.name.fl_str_mv Repositorio académico upc
repository.mail.fl_str_mv upc@openrepository.com
_version_ 1846065782450028544
spelling d294483047c0c5a103c831695e9829e4ad43c604ff007d672969bcc02054b58bc63d9ae1b7e9e0a8b9f5fffff3be59c0Torres-Calderon, HectorVelasquez, MarcoMauricio, David2021-11-02T16:38:20Z2021-11-02T16:38:20Z2022-01-012190301810.1007/978-981-16-3637-0_26http://hdl.handle.net/10757/65788021903026Smart Innovation, Systems and Technologies2-s2.0-85116922763SCOPUS_ID:851169227630000 0001 2196 144XEl texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.Crypto-ransomware are malicious programs that encrypt the data of an infected machine, making it a hostage until the owner of the device decides to pay the fee to recover their information. This has become a complex cybersecurity problem causing more and more economic damage. Crypto-ransomware has rendered cybersecurity models not adequate since they do not establish specific guidelines for the design of countermeasures. This paper proposes a method for the design of countermeasures related to crypto-ransomware attacks based on the NIST 800–53 revision 4 standard and the Information Security Maturity Model published by ISACA in the COBIT Focus magazine. The model consists of five phases: identify vulnerabilities, assess vulnerabilities, propose countermeasures, implement countermeasures, and evaluate countermeasures. This allows an organization to measure its current cybersecurity state, know cybersecurity measures oriented to crypto-ransomware and its prioritization through criticality indexes in a simple, adaptive and easy to implement way. A case study in a Peruvian company shows the simplicity and ease of use of the method, which allows the design of countermeasures with which the level of cybersecurity can be improved by 55.6%.application/htmlengSpringer Science and Business Media Deutschland GmbHhttps://link.springer.com/chapter/10.1007/978-981-16-3637-0_26info:eu-repo/semantics/embargoedAccessCrypto-ransomwareCybersecurityMethodNISTSecurity PoliciesMethod for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSFinfo:eu-repo/semantics/articleSmart Innovation, Systems and Technologies237365380reponame:UPC-Institucionalinstname:Universidad Peruana de Ciencias Aplicadasinstacron:UPCLICENSElicense.txtlicense.txttext/plain; charset=utf-81748https://repositorioacademico.upc.edu.pe/bitstream/10757/657880/1/license.txt8a4605be74aa9ea9d79846c1fba20a33MD51false10757/657880oai:repositorioacademico.upc.edu.pe:10757/6578802021-11-02 16:38:20.972Repositorio académico upcupc@openrepository.comTk9URTogUExBQ0UgWU9VUiBPV04gTElDRU5TRSBIRVJFClRoaXMgc2FtcGxlIGxpY2Vuc2UgaXMgcHJvdmlkZWQgZm9yIGluZm9ybWF0aW9uYWwgcHVycG9zZXMgb25seS4KCk5PTi1FWENMVVNJVkUgRElTVFJJQlVUSU9OIExJQ0VOU0UKCkJ5IHNpZ25pbmcgYW5kIHN1Ym1pdHRpbmcgdGhpcyBsaWNlbnNlLCB5b3UgKHRoZSBhdXRob3Iocykgb3IgY29weXJpZ2h0Cm93bmVyKSBncmFudHMgdG8gRFNwYWNlIFVuaXZlcnNpdHkgKERTVSkgdGhlIG5vbi1leGNsdXNpdmUgcmlnaHQgdG8gcmVwcm9kdWNlLAp0cmFuc2xhdGUgKGFzIGRlZmluZWQgYmVsb3cpLCBhbmQvb3IgZGlzdHJpYnV0ZSB5b3VyIHN1Ym1pc3Npb24gKGluY2x1ZGluZwp0aGUgYWJzdHJhY3QpIHdvcmxkd2lkZSBpbiBwcmludCBhbmQgZWxlY3Ryb25pYyBmb3JtYXQgYW5kIGluIGFueSBtZWRpdW0sCmluY2x1ZGluZyBidXQgbm90IGxpbWl0ZWQgdG8gYXVkaW8gb3IgdmlkZW8uCgpZb3UgYWdyZWUgdGhhdCBEU1UgbWF5LCB3aXRob3V0IGNoYW5naW5nIHRoZSBjb250ZW50LCB0cmFuc2xhdGUgdGhlCnN1Ym1pc3Npb24gdG8gYW55IG1lZGl1bSBvciBmb3JtYXQgZm9yIHRoZSBwdXJwb3NlIG9mIHByZXNlcnZhdGlvbi4KCllvdSBhbHNvIGFncmVlIHRoYXQgRFNVIG1heSBrZWVwIG1vcmUgdGhhbiBvbmUgY29weSBvZiB0aGlzIHN1Ym1pc3Npb24gZm9yCnB1cnBvc2VzIG9mIHNlY3VyaXR5LCBiYWNrLXVwIGFuZCBwcmVzZXJ2YXRpb24uCgpZb3UgcmVwcmVzZW50IHRoYXQgdGhlIHN1Ym1pc3Npb24gaXMgeW91ciBvcmlnaW5hbCB3b3JrLCBhbmQgdGhhdCB5b3UgaGF2ZQp0aGUgcmlnaHQgdG8gZ3JhbnQgdGhlIHJpZ2h0cyBjb250YWluZWQgaW4gdGhpcyBsaWNlbnNlLiBZb3UgYWxzbyByZXByZXNlbnQKdGhhdCB5b3VyIHN1Ym1pc3Npb24gZG9lcyBub3QsIHRvIHRoZSBiZXN0IG9mIHlvdXIga25vd2xlZGdlLCBpbmZyaW5nZSB1cG9uCmFueW9uZSdzIGNvcHlyaWdodC4KCklmIHRoZSBzdWJtaXNzaW9uIGNvbnRhaW5zIG1hdGVyaWFsIGZvciB3aGljaCB5b3UgZG8gbm90IGhvbGQgY29weXJpZ2h0LAp5b3UgcmVwcmVzZW50IHRoYXQgeW91IGhhdmUgb2J0YWluZWQgdGhlIHVucmVzdHJpY3RlZCBwZXJtaXNzaW9uIG9mIHRoZQpjb3B5cmlnaHQgb3duZXIgdG8gZ3JhbnQgRFNVIHRoZSByaWdodHMgcmVxdWlyZWQgYnkgdGhpcyBsaWNlbnNlLCBhbmQgdGhhdApzdWNoIHRoaXJkLXBhcnR5IG93bmVkIG1hdGVyaWFsIGlzIGNsZWFybHkgaWRlbnRpZmllZCBhbmQgYWNrbm93bGVkZ2VkCndpdGhpbiB0aGUgdGV4dCBvciBjb250ZW50IG9mIHRoZSBzdWJtaXNzaW9uLgoKSUYgVEhFIFNVQk1JU1NJT04gSVMgQkFTRUQgVVBPTiBXT1JLIFRIQVQgSEFTIEJFRU4gU1BPTlNPUkVEIE9SIFNVUFBPUlRFRApCWSBBTiBBR0VOQ1kgT1IgT1JHQU5JWkFUSU9OIE9USEVSIFRIQU4gRFNVLCBZT1UgUkVQUkVTRU5UIFRIQVQgWU9VIEhBVkUKRlVMRklMTEVEIEFOWSBSSUdIVCBPRiBSRVZJRVcgT1IgT1RIRVIgT0JMSUdBVElPTlMgUkVRVUlSRUQgQlkgU1VDSApDT05UUkFDVCBPUiBBR1JFRU1FTlQuCgpEU1Ugd2lsbCBjbGVhcmx5IGlkZW50aWZ5IHlvdXIgbmFtZShzKSBhcyB0aGUgYXV0aG9yKHMpIG9yIG93bmVyKHMpIG9mIHRoZQpzdWJtaXNzaW9uLCBhbmQgd2lsbCBub3QgbWFrZSBhbnkgYWx0ZXJhdGlvbiwgb3RoZXIgdGhhbiBhcyBhbGxvd2VkIGJ5IHRoaXMKbGljZW5zZSwgdG8geW91ciBzdWJtaXNzaW9uLgo=
score 13.987519
Method for Designing Countermeasures for Crypto-Ransomware Based on the NIST CSF
Nota importante:
La información contenida en este registro es de entera responsabilidad de la institución que gestiona el repositorio institucional donde esta contenido este documento o set de datos. El CONCYTEC no se hace responsable por los contenidos (publicaciones y/o datos) accesibles a través del Repositorio Nacional Digital de Ciencia, Tecnología e Innovación de Acceso Abierto (ALICIA).

Ejemplares Similares