Abstract
Ransomware is now one of the most critical security threats. Ransomware attacks target governments, enterprises, and casual users. Without very good backup and retention policies, an attack can lead to serious data damage. However, even very good data protection cannot prevent data from being stolen and revealed after a successful ransomware attack. This can also be very dangerous, especially for governments and enterprises, for example in terms of trust and confidence. We have seen all of these kinds of problems many times during our professional activity. We have helped recover from many ransomware attacks. Sometimes we were able to recover almost all of the encrypted data, sometimes none at all. That is why we have started a project that will end with specifications and a working Proof-of-Concept of a ransomware detection mechanism.
Acknowledgment
This work is partially funded by The National Centre for Research and Development, Poland. The project number is CYBERSECIDENT/490737/IV/NCBR/2021. The project will last till the end of the year 2023.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Glet, M., Kaczyński, K. (2022). POSTER: Ransomware Detection Mechanism – Current State of the Project. In: Zhou, J., et al. Applied Cryptography and Network Security Workshops. ACNS 2022. Lecture Notes in Computer Science, vol 13285. Springer, Cham. https://doi.org/10.1007/978-3-031-16815-4_36
DOI: https://doi.org/10.1007/978-3-031-16815-4_36
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-16814-7
Online ISBN: 978-3-031-16815-4
eBook Packages: Computer Science, Computer Science (R0)