کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
6884080 | 1444212 | 2018 | 28 صفحه PDF | دانلود رایگان |
عنوان انگلیسی مقاله ISI
R-Locker: Thwarting ransomware action through a honeyfile-based approach
دانلود مقاله + سفارش ترجمه
دانلود مقاله ISI انگلیسی
رایگان برای ایرانیان
موضوعات مرتبط
مهندسی و علوم پایه
مهندسی کامپیوتر
شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله

چکیده انگلیسی
Ransomware has become a pandemic nowadays. Although some proposals exist to fight against this increasing type of extortion, most of them are prevention like and rely on the assumption that early detection is not so effective once the victim is infected. This paper presents a novel approach intended not just to early detect ransomware but to completely thwart its action. For that, a set of honeyfiles is deployed around the target environment in order to catch the ransomware. Instead of being normal archives, honeyfiles are FIFO like, so that the ransomware is blocked once it starts reading the file. In addition to frustrate its action, our honeyfile solution is able to automatically launch countermeasures to solve the infection. Moreover, as it does not require previous training or knowledge, the approach allows fighting against unknown, zero-day ransomware related attacks. As a proof of concept, we have developed the approach for Linux platforms. The tool, named R-Locker, shows excellent performance both from the perspective of its accuracy as well as in terms of complexity and resource consumption. In addition, it has no special needs or privileges and does not affect the normal operation of the overall environment.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 73, March 2018, Pages 389-398
Journal: Computers & Security - Volume 73, March 2018, Pages 389-398
نویسندگان
J.A. Gómez-Hernández, L. Álvarez-González, P. GarcÃa-Teodoro,