Preventing Ransomware Attacks Through File System Filter Drivers

Abstract : Over the last years ransomware attacks have been widely spreading over the Internet, indiscriminately targeting home users as well as corporates and public agencies. Several approaches have been proposed to analyze and detect ransomware intrusions in literature, moving from combined heuristics, behavior analysis, sandbox-based solutions and machine learning techniques to function calls monitoring. Our approach differs from the above by shifting the focus from removing the problem to mitigating damages, to ensure data availability despite malware attacks. The aim is not to detect new ransomware samples, but simply to protect integrity and availability of private data. In other words, we interfere with ransomware usual behavior, intercepting I/O request packets and denying operations on user's valuable data.
Type de document :
Communication dans un congrès
Second Italian Conference on Cyber Security, 2018, Milan, Italy
Liste complète des métadonnées

https://hal.inria.fr/hal-01925958
Contributeur : Marie-France Sagot <>
Soumis le : dimanche 18 novembre 2018 - 16:25:57
Dernière modification le : mardi 20 novembre 2018 - 01:17:53
Document(s) archivé(s) le : mardi 19 février 2019 - 12:56:24

Fichier

paper-08.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01925958, version 1

Collections

Citation

Giovanni Bottazzi, Giuseppe Italiano, Domenico Spera. Preventing Ransomware Attacks Through File System Filter Drivers. Second Italian Conference on Cyber Security, 2018, Milan, Italy. 〈hal-01925958〉

Partager

Métriques

Consultations de la notice

25

Téléchargements de fichiers

56