A Framework for Supporting Ransomware Detection and Prevention Based on Hybrid Analysis

Cited by: 1
Authors
Cuzzocrea, Alfredo [1]
Mercaldo, Francesco [2]
Martinelli, Fabio [2]
Affiliations
[1] Univ Calabria, Arcavacata Di Rende, Italy
[2] IIT CNR, Pisa, Italy
Source
COMPUTATIONAL SCIENCE AND ITS APPLICATIONS, ICCSA 2021, PT III | 2021 / Vol. 12951
Keywords
Ransomware; Malware; Static analysis; Dynamic analysis; Hybrid analysis; Security;
DOI
10.1007/978-3-030-86970-0_2
Chinese Library Classification
TP39 [Computer applications];
Discipline classification code
081203; 0835;
Abstract
Ransomware is a very effective form of malware, which recently raised a lot of attention since an impressive number of workstations were affected. This malware is able to encrypt the files located on the infected machine and block access to them. The attackers will restore the machine and files only after the payment of a certain amount of money, usually given in bitcoins. In this paper we discuss a hybrid framework, combining static and dynamic analysis, exploiting APIs to prevent and mitigate ransomware threats. The evaluation, considering 1000 legitimate and ransomware applications, demonstrates that the hybrid API calls-based detection can be proved to be a promising direction in ransomware prevention and mitigation.
Pages: 16-27
Number of pages: 12