Skip to Main content Skip to Navigation
Conference papers

Ransomware Steals Your Phone. Formal Methods Rescue It

Abstract : Ransomware is a recent type of malware which makes inaccessible the files or the device of the victim. The only way to unlock the infected device or to have the keys for decrypting the files is to pay a ransom to the attacker. Commercial solutions for removing ransomware and restoring the infected devices and files are ineffective, since this malware uses a very robust form of asymmetric cryptography and erases shadow copies and recovery points of the operating system. Literature does not count many solutions for effectively detecting and blocking ransomware and, at the best knowledge of the authors, formal methods were never applied to identify ransomware. In this paper we propose a methodology based on formal methods that is able to detect the ransomware and to identify in the malware’s code the instructions that implement the characteristic instructions of the ransomware. The results of the experimentation are strongly encouraging and suggest that the proposed methodology could be the right way to follow for developing commercial solutions that could successful intercept the ransomware and blocking the infections it provokes.
Complete list of metadata

Cited literature [20 references]  Display  Hide  Download

https://hal.inria.fr/hal-01432919
Contributor : Hal Ifip <>
Submitted on : Thursday, January 12, 2017 - 11:34:24 AM
Last modification on : Thursday, January 12, 2017 - 11:38:43 AM
Long-term archiving on: : Friday, April 14, 2017 - 1:13:01 PM

File

426757_1_En_14_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Francesco Mercaldo, Vittoria Nardone, Antonella Santone, Corrado Visaggio. Ransomware Steals Your Phone. Formal Methods Rescue It. 36th International Conference on Formal Techniques for Distributed Objects, Components, and Systems (FORTE), Jun 2016, Heraklion, Greece. pp.212-221, ⟨10.1007/978-3-319-39570-8_14⟩. ⟨hal-01432919⟩

Share

Metrics

Record views

174

Files downloads

720