🎙️ Alida Øvermo-Mortensen
Talk Title: Ransomware Detection Based on Comparative Hybridised Analysis
Abstract
In this talk, Alida Øvermo-Mortensen presents her bachelor project, completed during her final year at Noroff University College. The project focuses on replicating and validating a comparative hybridised malware analysis framework that combines static, dynamic, network, and forensic analysis techniques. The framework also maps observed tactics and techniques to the MITRE ATT&CK framework.
Alida’s research examines and compares two currently active ransomware families—Phobos and Blacksuit—using the adapted framework. This approach is notable for being the first to apply the framework to these two new and unrelated ransomware strains.
Recognizing ransomware as a rapidly evolving and persistent threat, the project addresses the urgent need for effective detection and deeper understanding. While the original framework relied on a hardware-based lab environment, Alida’s adaptation uses cloud-based sandboxes, making the methodology more accessible and practical without sacrificing analytical depth.
By identifying common indicators of compromise that are less likely to change over time, the study provides a foundation for broader ransomware detection. Alida’s comparison results in a set of YARA rules and a comprehensive summary of IOCs, both of which were tested and validated during the project.
The findings demonstrate that cloud-based tools can yield valuable insights and support the development of repeatable, scalable detection methods for emerging ransomware threats.
Bio
Alida Øvermo-Mortensen is set to graduate in June 2025 with a bachelor’s degree in cyber security from Noroff University College. During her final year of studies, she worked part-time as a security analyst in a Security Operations Center (SOC), and she will transition to a full-time role at Orange Cyberdefense following graduation.
Alida’s interest in cyber security is driven by its growing importance in modern society and the continuous need for improvement in both knowledge and technology. She is passionate about learning, sharing insights, and contributing to the security community. Her presentation at BSides Kristiansand is based on her final-year research and reflects her commitment to improving ransomware detection through practical, scalable methodologies.