Abstract
Recent ransomware attacks against critical infrastructure have stressed the need for a deeper understanding of the threat landscape and trends. Yet, this is hard to do due to limited data availability and sharing in open source. This paper provides the justification for, and overview of, the creation and dissemination of a Critical Infrastructure RansomWare (CIRW) dataset. It provides an overview of the CIRW dataset requesters and how they intend to use it. The paper also offers dataset changes over time based on self-assessments and community recommendations. The paper concludes by sharing the many benefits of maintaining an open dialog with the community and its recommendations in the hopes that it will inspire other researchers to take on new and innovative research agendas.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Dossett.: A timeline of the biggest ransomware attacks. Retrieved January 3, 2022. https://www.cnet.com/personal-finance/crypto/a-timeline-of-the-biggest-ransomware-attacks/ (2021)
Tracy.: Turning up the heat: a ransomware attack on critical infrastructure is a nightmare scenario. Retrieved January 3, 2022. https://www.forbes.com/sites/forbestechcouncil/2021/07/20/turning-up-the-heat-a-ransomware-attack-on-critical-infrastructure-is-a-nightmare-scenario/ (2021)
Sanger, D., Perlroth, N.: White house warns companies to act now on ransomware defenses”. Retrieved January 3, 2022. https://www.nytimes.com/2021/06/03/us/politics/ransomware-cybersecurity-infrastructure.html (2021)
Johansen, A.: What is ransomware and how to help prevent ransomware attacks. Retrieved January 25, 2020. https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-donts.html (2019)
Rege, A., Bleiman, R.: Ransomware attacks against critical infrastructure. In: Proceedings from the 19th European Conference on Cyber Warfare and Security (2020)
Forrester.: Automation and unification enable a cohesive attack surface defense (2021)
Institute for Security and Technology (IST).: Combating ransomware. a comprehensive framework for action: key recommendations from the ransomware task force (2021)
Beaman, C., Barkworth, A., Akande, T.D., Hakak, S., Khan, M.K.: Ransomware: Recent advances, analysis, challenges and future research directions. Comput. Secur. 111, 102490 (2021)
Maigida, A.M., Abdulhamid, S.I.M., Olalere, M., Alhassan, J.K., Chiroma, H., Dada, E.G.: Systematic literature review and metadata analysis of ransomware attacks and detection mechanisms. J. Reliab. Intell. Environ. 5(2), 67–89 (2019)
ISOT Research Lab. Botnet and ransomware detection datasets. Retrieved January 4, 2022. https://www.uvic.ca/ecs/ece/isot/datasets/botnet-ransomware/index.php
Darktracer.: Neutralizing Ransomware. Retrieved January 4, 2022. https://www.darktrace.com/es/resources/ds-ransomware.pdf (2021)
Nkongolo, M., van Deventer, J.P., Kasongo, S.M.: UGRansome1819: A novel dataset for anomaly detection and Zero-Day threats. Information 12(10), 405 (2021)
Hirano, M., Hodota, R., Kobayashi, R.: RanSAP: An open dataset of ransomware storage access patterns for training machine learning models. Forensic Sci. Int.: Digit. Investig. 40, 301314 (2022)
Ransomwhere.re. Retrieved January 4, 2022. https://ransomwhe.re/ (2022)
Lau, C.H.: 5 Steps of a data science project lifecycle. towards data science. https://towardsdatascience.com/5-steps-of-a-data-science-project-lifecycle-26c50372b492 (2019)
Cybersecurity & Infrastructure Security Agency (CISA). Critical infrastructure sectors. Retrieved June 30, 2020. https://www.cisa.gov/critical-infrastructure-sectors (2020)
MITRE ATT&CK. ATT&CK Matrix for Enterprise. Retrieved June 30, 2020. https://attack.mitre.org (2015)
Cybersecruity, Infrastructure security agency (CSIA) joint cybersecurity advisory. cyber actors target K-12 distance learning education to cause disruptions and steal data. https://www.cisa.gov/uscert/sites/default/files/publications/AA20-345A_Joint_Cybersecurity_Advisory_Distance_Learning_S508C.pdf (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Rege, A., Bleiman, R. (2023). A Free and Community-Driven Critical Infrastructure Ransomware Dataset. In: Onwubiko, C., et al. Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media. Springer Proceedings in Complexity. Springer, Singapore. https://doi.org/10.1007/978-981-19-6414-5_2
Download citation
DOI: https://doi.org/10.1007/978-981-19-6414-5_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-6413-8
Online ISBN: 978-981-19-6414-5
eBook Packages: Physics and AstronomyPhysics and Astronomy (R0)