Ransomware Prevention Using Application Authentication-Based File Access Control
| Title | Ransomware Prevention Using Application Authentication-Based File Access Control |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Ami, Or, Elovici, Yuval, Hendler, Danny |
| Conference Name | Proceedings of the 33rd Annual ACM Symposium on Applied Computing |
| Publisher | ACM |
| ISBN Number | 978-1-4503-5191-1 |
| Keywords | Access Control, antibotics, Authorization, biometric encryption, biometrics, comparability, Metrics, pubcrawl, ransomware, resilience, Resiliency, Scalability |
| Abstract | Ransomware emerged in recent years as one of the most significant cyber threats facing both individuals and organizations, inflicting global damage costs that are estimated upwards of $1 billion in 2016 alone [23]. The increase in the scale and impact of recent ransomware attacks highlights the need of finding effective countermeasures. We present AntiBotics - a novel system for application authentication-based file access control. AntiBotics enforces a file access-control policy by presenting periodic identification/authorization challenges. We implemented AntiBotics for Windows. Our experimental evaluation shows that contemporary ransomware programs are unable to encrypt any of the files protected by AntiBotics and that the daily rate of challenges it presents to users is very low. We discuss possible ways in which future ransomware may attempt to attack AntiBotics and explain how these attacks can be thwarted. |
| URL | https://dl.acm.org/citation.cfm?doid=3167132.3167304 |
| DOI | 10.1145/3167132.3167304 |
| Citation Key | ami_ransomware_2018 |