LooCipher Ransomware Detection Using Lightweight Packet Characteristics
نویسندگان
چکیده
منابع مشابه
Extinguishing Ransomware - A Hybrid Approach to Android Ransomware Detection
Mobile ransomware is on the rise and effective defense from it is of utmost importance to guarantee security of mobile users’ data. Current solutions provided by antimalware vendors are signature-based and thus ineffective in removing ransomware and restoring the infected devices and files. Also, current state-of-the art literature offers very few solutions to effectively detecting and blocking...
متن کاملSoftware-Defined Networking-based Crypto Ransomware Detection Using HTTP Traffic Characteristics
Ransomware is currently the key threat for individual as well as corporate Internet users. Especially dangerous is crypto ransomware that encrypts important user data and it is only possible to recover it once a ransom has been paid. Therefore devising efficient and effective countermeasures is a rising necessity. In this paper we present a novel Software-Defined Networking (SDN) based detectio...
متن کاملRansomware attacks: detection, prevention and cure
The notion of ransomware has actually been around for quite some time. In 1989, Dr Joseph Popp distributed a trojan called PC Cyborg in which malware would hide all folders and encrypt files on the PC’s C: drive. A script delivered a ransom message demanding that $189 be directed to the PC Cyborg Corporation. The afflicted PC wouldn’t function until the ransom was paid and the malware’s actions...
متن کاملUsing ILP to Analyse Ransomware Attacks
This paper describes a preliminary study aimed at using the ILP system ALEPH to interactively assist human experts in learning rules to better understand the behaviour of cyberattacks. We develop an ILP formalism for representing network log data obtained from a sandbox computer that was deliberately infected with the CryptoWall-4 malware (a state-of-the-art ransomware attack known to be causin...
متن کاملAnomalous Packet Detection using Partitioned Payload
We present Anomalous Packet Detection using Partitioned Payload system, we call as AnPDPP. AnPDPP is an improvement to PAYL system which is considered one of the complete systems for payload based anomaly detection. PAYL takes into consideration the entire payload for profile calculation and effectively for anomaly detection. Payload length is very high on port numbers like 21 and 80. Hence it ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Procedia Computer Science
سال: 2020
ISSN: 1877-0509
DOI: 10.1016/j.procs.2020.09.192