Next Article in Journal
An Experimental Analysis of Deep Learning Architectures for Supervised Speech Enhancement
Next Article in Special Issue
The Influences of Feature Sets on the Detection of Advanced Persistent Threats
Previous Article in Journal
Development of a Portable, Reliable and Low-Cost Electrical Impedance Tomography System Using an Embedded System
Previous Article in Special Issue
Quantifiable Interactivity of Malicious URLs and the Social Media Ecosystem
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Electronics
Volume 10
Issue 1
10.3390/electronics10010016
Review Report
electronics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Magniber v2 Ransomware Decryption: Exploiting the Vulnerability of a Self-Developed Pseudo Random Number Generator

Electronics 2021, 10(1), 16; https://doi.org/10.3390/electronics10010016
by Sehoon Lee 1, Myungseo Park 1,* and Jongsung Kim 1,2
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Electronics 2021, 10(1), 16; https://doi.org/10.3390/electronics10010016
Submission received: 28 November 2020 / Revised: 18 December 2020 / Accepted: 20 December 2020 / Published: 24 December 2020
(This article belongs to the Special Issue New Challenges on Cyber Threat Intelligence)

Round 1

Reviewer 1 Report

Dear Authors:

This is a very good paper that joins science and practice. The paper is easy to follow, very well-written and properly organized. Moreover, the presented methods were verified experimentally.

I strongly recommend acceptance of the manuscript, after resolving (very) minor issues:

  1. The following statement may cause misunderstandings (lines 37-39):

„One protection method is hybrid encryption1 File encryption is performed by a symmetric-key cipher: the attacker encrypts the encryption keys using its his/her public key and places the encrypted encryption keys in the victim’s system.”
To make it more understandable, I recommend moving the footnote to the main text.

  1. Please expand all important abbreviations (like “IV”, etc.).
  2. Please move Table 1 to the bottom of the page, since currently it appears before its reference in the main text.
  3. There are several strange linguistic phrases in the paper, such as “encrypted encryption”, please correct them.
  4. Line 149: “Fig. 1”->”Figure 1”.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

The authors analyzed Magniber v2 ransomware and its PRNG. They managed to successfully recover the encryption key by exploiting ransomware vulnerability.

This is well-done research and well-structured paper but nevertheless, there are some shortcomings that I suggest improving before accepting this paper. 

1. in the title first part is not necessary (Magniber v2 Ransomware Decryption). Try to rewrite the title. It is only a suggestion (not obligatory). 

2. Try to give some more information on the results in the abstract.

3. Rewrite Introduction so you give background, goal/purpose and contribution of your research. Related work can be in the new Section and there is no need to highlight that Related work analysis is in the domain of decryption of ransomware. It is understandable in itself.

4. Big question of this paper is its scientific soundness. You are solving one unique problem in this paper. Is this approach applicable to a whole class of problems, did you try the same approach to recover the encryption key on other ransomware? In this way, it is engineering, not science so highlight the broad applicability of this approach. 

5. It is not clear what is planned in future research based on the conclusion taken from this research.

5. Check your references, you have a lot of internet sources that are not in reference style (date of access, etc.). Include scientific papers in respected journals (IEEE, Springer, ACM, Elsevier) especially in related work part. Literature has to be current. 

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

Corrections that were made are sufficient. I am recommending this manuscript for publication.

Back to TopTop