Machine Learning Detection of Ransomware by Lightweight Mini-filters
Chen-Yu Chiu, Min Wu, JianMin Huang, Jian-Xin Chen, Hao-Jyun Wang
2023 IEEE 6th Eurasian Conference on Educational Innovation (ECEI), published 2023-02-03
DOI: 10.1109/ECEI57668.2023.10105315 (https://doi.org/10.1109/ECEI57668.2023.10105315)
Citations: 0
Abstract
Users are more at risk from ransomware as time goes on. Ransomware invades users' computers to encrypt their data and demand payment. Although anti-virus software may identify ransomware assaults on computers, it cannot prevent them until they are identified. Since many users may have already been hit by ransomware during this viral window period, safeguarding users during this time becomes a priority. We present a way to identify suspected ransomware in real time. It would integrate into the Windows mini-filter driver to fight against ransomware assaults. This approach makes it challenging for ransomware to evade our detection. Our technology allows consumers to terminate the currently running application or put it on the whitelist once it has been flagged as potentially malicious software. Our solution enables users to edit the software and recovers the altered files when they choose to end the application, lessening their loss.