{"title":"如何为勒索软件检测制作有效的诱饵文件?","authors":"Jong-Seop Lee, Jinwoo Lee, Jiman Hong","doi":"10.1145/3129676.3129713","DOIUrl":null,"url":null,"abstract":"Recently, Ransomware has been rapidly increasing and is becoming far more dangerous than other common malware types. Unlike previous versions of Ransomware that infect email attachments or access certain sites, the new Ransomware, such as WannaCryptor, corrupts data even when the PC is connected to the Internet. Therefore, many studies are being conducted to detect and defend Ransomware. However, existing studies on Ransomware detection cannot effectively detect and defend the new Ransomware because it detects Ransomware using signature databases or monitoring specific activities of processes. In this paper, we propose a method to make decoy files for detecting Ransomwares efficiently. The proposed method is based on the analysis of the behaviors of existing Ransomwares at the source code level.","PeriodicalId":326100,"journal":{"name":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":"{\"title\":\"How to Make Efficient Decoy Files for Ransomware Detection?\",\"authors\":\"Jong-Seop Lee, Jinwoo Lee, Jiman Hong\",\"doi\":\"10.1145/3129676.3129713\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, Ransomware has been rapidly increasing and is becoming far more dangerous than other common malware types. Unlike previous versions of Ransomware that infect email attachments or access certain sites, the new Ransomware, such as WannaCryptor, corrupts data even when the PC is connected to the Internet. Therefore, many studies are being conducted to detect and defend Ransomware. However, existing studies on Ransomware detection cannot effectively detect and defend the new Ransomware because it detects Ransomware using signature databases or monitoring specific activities of processes. In this paper, we propose a method to make decoy files for detecting Ransomwares efficiently. The proposed method is based on the analysis of the behaviors of existing Ransomwares at the source code level.\",\"PeriodicalId\":326100,\"journal\":{\"name\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"26\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3129676.3129713\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3129676.3129713","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
How to Make Efficient Decoy Files for Ransomware Detection?
Recently, Ransomware has been rapidly increasing and is becoming far more dangerous than other common malware types. Unlike previous versions of Ransomware that infect email attachments or access certain sites, the new Ransomware, such as WannaCryptor, corrupts data even when the PC is connected to the Internet. Therefore, many studies are being conducted to detect and defend Ransomware. However, existing studies on Ransomware detection cannot effectively detect and defend the new Ransomware because it detects Ransomware using signature databases or monitoring specific activities of processes. In this paper, we propose a method to make decoy files for detecting Ransomwares efficiently. The proposed method is based on the analysis of the behaviors of existing Ransomwares at the source code level.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
