A study on windows-based ransomware implications on linux operating system using compatibility layer wine based on dynamic analysis

Abstract

Linux is an open source operating system that uses the Linux kernel. The security of Linux makes its users rarely use antivirus to prevent the threat of ransomware attacks. The purpose of this study is to assess the security of the Linux operating system that uses Wine as a compatibility layer against ransomware attacks. Then to determine whether ransomware has a higher impact than malware samples in previous studies or not. The methods used on the 30 samples are static analysis to identify samples, and dynamic analysis to determine the implications. From the 30 ransomware samples that can run on the Linux operating system, the results obtained show that 80% affect the registry, 50% affect the file system, 50% affect the service, 70% affect the Network and 60% affect the Process. While overall there are 30% of samples that affect the five existing parameters. The results show that ransomware has relatively high implications for existing parameters, inversely proportional to previous research.