Conclusion

The research described in this book has addressed an innovative methodology in the field of cyber threat intelligence to detect and analyse the behavior of ransomware from a semantic perspective. In detail, this study has been oriented towards the construction of a classification scheme to systematize the knowledge about ransomware in order to make the connections they prove to have in given cyber episodes more explicit and possibly employed by a community of experts for defense strategies. Although, as notably remarked in the first chapters, a range of cyber threat classification systems have already been provided by the main authoritative institutions working in the Cybersecurity field of knowledge, such as CAPEC™, CVE, CPE, CWE, MAEC, Kill Chain Model, MITRE ATT & CK. The focus of these systems has been strictly referred to the attacks features configuration in a taxonomic perspective. Other works in the literature have covered the aim of developing classification tools to support the predictive systems fighting against the cyber attacks, and some of them, as Rantology or VulnOnt, specifically analysed the ransomware to create a semantic approach, specifically relating to ontologies as main systems to organize and represent domain-oriented knowledge.