Data Recovery from Ransom ware Affected Android Phone using Forensic Tools

Authors

  • PH Rughani Institute of Forensic Science, Gujarat Forensic Sciences University, Gandhinagar, India

DOI:

https://doi.org/10.26438/ijcse/v5i8.6770

Keywords:

Ransomware, Android Ransomware, Ransomware Forensics, Data Recovery, Malware Forensics, Android Forensics

Abstract

With increasing use of computers and mobile phones, malware attacks are also increased in last few years. Ransomware – one of the malware has become the biggest challenge for security experts and end users. There is urgent need to defend computers and smartphones against possible ransomware attacks. However, it may not be possible to stop such attacks, the attempt can be made to recover from such attacks. This paper discusses possibilities to recover data from encrypted files from ransomware affected android phones. The work presented in this paper was carried out to assist forensic investigators and assure end users that there are possible ways to retrieve their data without paying ransom money. It would be encouraging for end users to know that in most of the cases the data encrypted by a ransomware can be retrieved with help of forensic tools and it will be equally discouraging for attackers. The paper is focused on data recovery from ransomware affected android phones.

References

A. Gazet, “Comparative analysis of various ransomware virii”, Journal in computer virology, Vol.6, Issue.1, pp. 77-90, 2010

A. Kharraz, W. Robertson, D. Balzarotti, L. Bilge & E. Kirda, “Cutting the gordian knot: A look under the hood of ransomware attacks”, International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Springer International Publishing, pp. 3-24, 2015

N. Andronio, S. Zanero & F. Maggi, “HelDroid: Dissecting and detecting mobile ransomware”, International Workshop on Recent Advances in Intrusion Detection, Springer International Publishing pp. 382-404, 2015

K. Cabaj, P. Gawkowski, K. Grochowski, & D. Osojca, “Network activity analysis of CryptoWall ransomware” Przegląd Elektrotechniczny, Vol.91, Issue.11, pp. 201-204, 2015

N. Scaife, H. Carter, P. Traynor, & K. R. Butler, “Cryptolock (and drop it): stopping ransomware attacks on user data”, Distributed Computing Systems (ICDCS), IEEE 36th International Conference on, IEEE, pp. 303-312, 2016

V. K. Gujare and P. Malviya, "Android Malicious apps and Malware Security: A Review", International Journal of Computer Sciences and Engineering, Vol.4, Issue.4, pp. 43-47, 2016.

V. Kapoor, "Data Encryption and Decryption Using Modified RSA Cryptography Based on Multiple Public Keys and ‘n’prime Number", International Journal of Scientific Research in Network Security and Communication, Vol.1, Issue.2, pp.35-38, 2013.

Downloads

Published

2025-11-11
CITATION
DOI: 10.26438/ijcse/v5i8.6770
Published: 2025-11-11

How to Cite

[1]
ph Rughani, “Data Recovery from Ransom ware Affected Android Phone using Forensic Tools”, Int. J. Comp. Sci. Eng., vol. 5, no. 8, pp. 67–70, Nov. 2025.

Issue

Vol. 5 No. 8 (2017): IJCSE August Edition

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.