T. Micro, By the numbers: Ransomware rising. http://www.trendmicro. com.ph/vinfo/ph/security/news/cybercrime-and-digital-threats/ by-the-numbers-ransomware-rising

R. Paz, Teslacrypt and Locky: A Sta- tistical Perspective

L. Abrams, The Week In Ransomware http://www.bleepingcomputer.com/news/security/ the-week-in-ransomware-june-24-2016-locky-returns-cryptxxx-apocalypse-and-more, 2016.

. Kaspersky, Kaspersky Security Bulletin 2015. https://securelist.com/files, 2015.

L. Adam, M. Young, and . Yung, Cryptovirology: Extortion-based security threats and countermeasures, IEEE Symposium on Security and Privacy, pp.129-140, 1996.

A. Gazet, Comparative analysis of various ransomware virii, Journal in Computer Virology, vol.6, issue.1, pp.77-90, 2010.
DOI : 10.1007/s11416-008-0092-2

A. Kharraz, W. Robertson, D. Balzarotti, L. Bilge, and E. Kirda, Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks, Detection of Intrusions and Malware, and Vulnerability Assessment, pp.3-24, 2015.
DOI : 10.1007/978-3-319-20550-2_1

P. Syverson, A taxonomy of replay attacks [cryptographic protocols], Proceedings The Computer Security Foundations Workshop VII, pp.187-191, 1994.
DOI : 10.1109/CSFW.1994.315935

S. Josse, White-box attack context cryptovirology, Journal in Computer Virology, vol.47, issue.6, pp.321-334, 2009.
DOI : 10.1007/s11416-008-0097-x

J. Wyke and A. Ajjan, Sophos: the Current State of Ransomware, 2015.

V. Kotov and M. Singh-rajpal, Bromium: Understanding Crypto- Ransomware, 2014. https://www.bromium.com/sites/default/files/ bromium-report-ransomware.pdf. 14. Denis Sinegubko. How CTB-Locker Ransomware Uses Bit- coin And Blockchain

P. Invincea-endpoint-security and . Belcher, Hash Factory: New Cerber Ransomware Morphs Every 15 Seconds. https://www.invincea.com/2016/06/ hash-factory-new-cerber-ransomware-morphs-every-15-seconds

L. Ronald, A. Rivest, L. Shamir, and . Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, issue.2, pp.120-126, 1978.

S. Victor and . Miller, Use of elliptic curves in cryptography, Conference on the Theory and Application of Cryptographic Techniques, pp.417-426, 1985.

. Symantec and . Trojan, Synolocker, 2014. https://www.symantec.com/security_ response/writeup.jsp?, pp.2014-080708

D. Nazarov and O. Emelyanova, Blackmailer: the story of Gp- code, 2006.

A. Allievi and E. Carter, Ransomware on Steroids: Cryptowall 2.0. Cisco, 2015.

Y. Klijnsma, The history of Cryptowall: a large scale cryptographic ransomware threat

M. Marc-etienne and . Léveillé, TorrentLocker: Ransomware in a country near you, 2014.

H. Lipmaa, P. Rogaway, and D. Wagner, Ctr-mode encryption 27. Zairon. CTB-Locker encryption/decryption scheme in details, First NIST Workshop on Modes of Operation, 2000.

J. Daniel and . Bernstein, A state-of-the-art Diffie-Hellman function

L. Abrams, CTB-Locker for Websites: Reinventing an old Ransomware. http://www.bleepingcomputer.com/news/security/ ctb-locker-for-websites-reinventing-an-old-ransomware

T. Group, Threat Spotlight: TeslaCrypt ? Decrypt It Yourself, 2015.

M. Marcos and . Crypvault, New Crypto-ransomware Encrypts and " Quarantines " Files. http://blog.trendmicro.com/trendlabs-security-intelligence/ crypvault-new-crypto-ransomware-encrypts-and-quarantines-files/. 32. Fedor Sinitsyn. Locky: the encryptor taking the world by storm, 2016.

F. Sinitsyn, Petya: the two-in-one trojan, 2016.

J. Daniel and . Bernstein, The salsa20 family of stream ciphers, New stream cipher designs, pp.84-97, 2008.

. Leo-stone, Hack-petya mission accomplished

. Wikipedia, Block cipher mode of operation

G. Hunt and D. Brubacher, Detours: Binary interception of win 32 functions, 3rd USENIX Windows NT Symposium, 1999.

. Hasherezade, Look into locky ransomware. https://blog.malwarebytes.com/ threat-analysis, 2016.