Download PDFOpen PDF in browserBehaviour Based Ransomware Detection10 pages•Published: March 13, 2019AbstractRansomware is an ever-increasing threat in the world of cyber security targeting vulnerable users and companies, but what is lacking is an easier way to group, and devise practical and easy solutions which every day users can utilise.In this paper we look at the different characteristics of ransomware, and present preventative techniques to tackle these ransomware attacks. More specifically our techniques are based on ransomware behaviour as opposed to the signature based detection used by most anti-malware software. We further discuss the implementation of these techniques and their effectiveness. We have tested the techniques on four prominent ransomware strains, WannaCry, TeslaCrypt, Cerber and Petya. In this paper we discuss how our techniques dealt with these ransomware strains and the performance impact of these techniques. Keyphrases: acl authentication, behaviour, behaviour based detection, file entropy, file monitoring, ransomware In: Gordon Lee and Ying Jin (editors). Proceedings of 34th International Conference on Computers and Their Applications, vol 58, pages 127-136.
|