Implementación de git y cifrado en documentos XML como estrategia de mitigación contra ransomware

Luis Isaac Trigás Cerezo; Miguel Vargas Lombardo

doi:10.48204/3072-9696.7414

Submitted June 3, 2025

Published 2025-12-18

Artículos

Vol. 1 No. 2 (2025): Más TIC

Implementation of git and encryption in XML documents as a mitigation strategy against ransomware

Luis Isaac Trigás Cerezo⁺⁻
Miguel Vargas Lombardo⁺⁻

DOI https://doi.org/10.48204/3072-9696.7414

PDF (Español (España))

References

DOI: 10.48204/3072-9696.7414

Published: 2025-12-18

How to Cite

Trigás Cerezo, L. I., & Vargas Lombardo, M. (2025). Implementation of git and encryption in XML documents as a mitigation strategy against ransomware. Más TIC, 1(2), 96–113. https://doi.org/10.48204/3072-9696.7414

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Abstract

Technology has made significant advances in a short time, which in turn makes cyberattacks such as ransomware more complex and lethal. Many stakeholders in the computer security sector are investigating ways to counter cyberattacks and especially ransomware. The most frequent results regarding ransomware attacks usually have a focus on avoiding the introduction of malicious vectors to the systems, using machine learning, artificial intelligence, an ailment that this approach entails is when the defense is breached, the system is completely exposed. and therefore, access and control of all files.

The approach or premise that the article investigated in this document focuses on is to protect important documents against a ransomware attack, making use of the principle of Git (version control system), it is about having versions or copies protected at the level editing and access permissions for documents that the user considers important. Part of the research contemplates the implementation of this concept in the form of a component or extension for Microsoft Word so that automatically when a document is finished working, a new copy of the latest changes is generated. The impact on performance during the execution of the plugin on a computer is also evaluated. As an additional value to the research, the implementation of SHA 256 encryption of documents is contemplated and analyzed as an additional layer of security.

Downloads

Download data is not yet available.

References

Al-Dwairi, M., Shatnawi, A. S., Al-Khaleel, O., & Al-Duwairi, B. (2022). Ransomware-Resilient Self-Healing XML Documents. Future Internet, 14(4), 118. https://doi.org/10.3390/fi14040118
Alcántara, M., & Melgar, A. (2016). Risk Management in Information Security: A Systematic Review. Journal of Advances in Information Technology, 7(1), 1-13. https://www.semanticscholar.org/paper/Risk-Management-in-Information-Security%3A-A-Review-Alcantara-Melgar/eecec6f2c2822abd7077238cb636734f182de218
Beaman, C., Barkworth, J., Akande, T., Hakak, S., & Khan, H. A. (2021). The Impact of the COVID-19 Pandemic on Ransomware Attacks. 2021 International Conference on Information Networking (ICOIN), 638-643. https://doi.org/10.1109/ICOIN51403.2021.9392211
Biju, J. M. (2019). Types of Cyber Attacks and Their Prevention Methods. International Journal of Advanced Engineering and Management, 4(2), 1-5. https://www.ijamr.com/index.php/ijamr/article/view/100088
Bouam, M., Bouillaguet, C., Delaplace, C., & Noûs, C. (2021). A Survey on Cyber-Attacks and Their Impact on Modern Society. Journal of Cybersecurity and Digital Forensics, 4(2), 1-15. https://www.jcdf.eu/index.php/jcdf/article/view/123
CheckPoint. (2024). Cyber Security Report 2024. Recuperado de https://www.checkpoint.com/downloads/downloads-reports/2024-cyber-security-report.pdf
CSIRT. (2022). Ransomware: una amenaza para la seguridad de la información. Recuperado de https://csirt.gob.cl/vulnerabilidades/ransomware-una-amenaza-para-la-seguridad-de-la-informacion/
CSIRT. (s.f.). Incidentes reportados hacia el CSIRT. [Gráfico].
Fauziah, R., Rachmawanto, E. H., Setiadi, D., & Sari, C. A. (2019). An Overview of SHA-256 and Its Implementation in Digital Signature. Journal of Physics: Conference Series, 1374(1). https://doi.org/10.1088/1742-6596/1374/1/012015
Fortinet. (2022). Global Threat Landscape Report 2022. Recuperado de https://www.fortinet.com/content/dam/fortinet/assets/reports/report/2022-fortiguard-labs-global-threat-landscape-report.pdf
IBM. (s.f.). What are security controls? Recuperado de https://es.wiktionary.org/wiki/complet%C3%A1
Miles, M. B., & Huberman, A. M. (1994). Qualitative data analysis: An expanded sourcebook. SAGE Publications.
Presidencia de Panamá. (2012). Decreto Ejecutivo No. 403 de 2012. https://www.gacetaoficial.gob.pa/pdfTemp/27043_A/Gaceta Oficial.pdf
Richardson, R. (2017). Ransomware: A Comprehensive Guide to Prevention, Detection, and Recovery. SAGE Publications.
Seguras, J. (2022). Ciberataques en Panamá se incrementan 124%. La Prensa. https://www.prensa.com/economia/ciberataques-en-panama-se-incrementan-124-en-un-ano/
Veritas. (s.f.). Ransomware Prevention and Protection. https://www.veritas.com/services/ransomware-protection

Keywords

PDF (Español (España))

Resumen visto - 194 veces
PDF (Español (España)) descargado - 123

Licencia

Content Top

[1] Al-Dwairi, M., Shatnawi, A. S., Al-Khaleel, O., & Al-Duwairi, B. (2022). Ransomware-Resilient Self-Healing XML Documents. Future Internet, 14(4), 118. https://doi.org/10.3390/fi14040118

[2] Alcántara, M., & Melgar, A. (2016). Risk Management in Information Security: A Systematic Review. Journal of Advances in Information Technology, 7(1), 1-13. https://www.semanticscholar.org/paper/Risk-Management-in-Information-Security%3A-A-Review-Alcantara-Melgar/eecec6f2c2822abd7077238cb636734f182de218

[3] Beaman, C., Barkworth, J., Akande, T., Hakak, S., & Khan, H. A. (2021). The Impact of the COVID-19 Pandemic on Ransomware Attacks. 2021 International Conference on Information Networking (ICOIN), 638-643. https://doi.org/10.1109/ICOIN51403.2021.9392211

[4] Biju, J. M. (2019). Types of Cyber Attacks and Their Prevention Methods. International Journal of Advanced Engineering and Management, 4(2), 1-5. https://www.ijamr.com/index.php/ijamr/article/view/100088

[5] Bouam, M., Bouillaguet, C., Delaplace, C., & Noûs, C. (2021). A Survey on Cyber-Attacks and Their Impact on Modern Society. Journal of Cybersecurity and Digital Forensics, 4(2), 1-15. https://www.jcdf.eu/index.php/jcdf/article/view/123

[6] CheckPoint. (2024). Cyber Security Report 2024. Recuperado de https://www.checkpoint.com/downloads/downloads-reports/2024-cyber-security-report.pdf

[7] CSIRT. (2022). Ransomware: una amenaza para la seguridad de la información. Recuperado de https://csirt.gob.cl/vulnerabilidades/ransomware-una-amenaza-para-la-seguridad-de-la-informacion/

[8] CSIRT. (s.f.). Incidentes reportados hacia el CSIRT. [Gráfico].

[9] Fauziah, R., Rachmawanto, E. H., Setiadi, D., & Sari, C. A. (2019). An Overview of SHA-256 and Its Implementation in Digital Signature. Journal of Physics: Conference Series, 1374(1). https://doi.org/10.1088/1742-6596/1374/1/012015

[10] Fortinet. (2022). Global Threat Landscape Report 2022. Recuperado de https://www.fortinet.com/content/dam/fortinet/assets/reports/report/2022-fortiguard-labs-global-threat-landscape-report.pdf

[11] IBM. (s.f.). What are security controls? Recuperado de https://es.wiktionary.org/wiki/complet%C3%A1

[12] Miles, M. B., & Huberman, A. M. (1994). Qualitative data analysis: An expanded sourcebook. SAGE Publications.

[13] Presidencia de Panamá. (2012). Decreto Ejecutivo No. 403 de 2012. https://www.gacetaoficial.gob.pa/pdfTemp/27043_A/Gaceta Oficial.pdf

[14] Richardson, R. (2017). Ransomware: A Comprehensive Guide to Prevention, Detection, and Recovery. SAGE Publications.

[15] Seguras, J. (2022). Ciberataques en Panamá se incrementan 124%. La Prensa. https://www.prensa.com/economia/ciberataques-en-panama-se-incrementan-124-en-un-ano/

[16] Veritas. (s.f.). Ransomware Prevention and Protection. https://www.veritas.com/services/ransomware-protection

Cover image

How to Cite

Download Citation

Abstract

Downloads

References

Keywords

Licencia