http://dx.doi.org/10.13089/JKIISC.2016.26.3.645

Methodology for Intercepting the Ransomware Attacks Using File I/O Intervals  

Youn, Jung-moo (Chung-Nam National University)
Jo, Je-geong (Chung-Nam National University)
Ryu, Jae-cheol (Chung-Nam National University)
Abstract
Ransomware was first created in 1999, but its existence became widely known in Korea by 2015. As information and communication technology has developed and the storage capacity of computers has grown, effectively managing this information has become more important than the information itself. In this situation, ransomware breaks into other people's computers and encrypts files without the user's permission, which adversely affects the user. In this paper, we monitor a specific process's access to files and, on the basis of this monitoring information, detect whether abnormal access has occurred. Based on the detection result, we block that process's permission to access the files. Using this method, we propose a technique for blocking ransomware's abnormal access to, and encryption of, files.
Keywords
Ransomware; Detection; Block;