How to Make Efficient Decoy Files for Ransomware Detection?
| Title | How to Make Efficient Decoy Files for Ransomware Detection? |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Lee, Jeonghwan, Lee, Jinwoo, Hong, Jiman |
| Conference Name | Proceedings of the International Conference on Research in Adaptive and Convergent Systems |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5027-3 |
| Keywords | Access Control, composability, Decoy, File I/O, Metrics, pubcrawl, ransomware, resilience, Resiliency |
| Abstract | Recently, Ransomware has been rapidly increasing and is becoming far more dangerous than other common malware types. Unlike previous versions of Ransomware that infect email attachments or access certain sites, the new Ransomware, such as WannaCryptor, corrupts data even when the PC is connected to the Internet. Therefore, many studies are being conducted to detect and defend Ransomware. However, existing studies on Ransomware detection cannot effectively detect and defend the new Ransomware because it detects Ransomware using signature databases or monitoring specific activities of processes. In this paper, we propose a method to make decoy files for detecting Ransomwares efficiently. The proposed method is based on the analysis of the behaviors of existing Ransomwares at the source code level. |
| URL | https://dl.acm.org/citation.cfm?doid=3129676.3129713 |
| DOI | 10.1145/3129676.3129713 |
| Citation Key | lee_how_2017 |