Skip to Main content Skip to Navigation
Conference papers

Preventing Ransomware Attacks Through File System Filter Drivers

Abstract : Over the last years ransomware attacks have been widely spreading over the Internet, indiscriminately targeting home users as well as corporates and public agencies. Several approaches have been proposed to analyze and detect ransomware intrusions in literature, moving from combined heuristics, behavior analysis, sandbox-based solutions and machine learning techniques to function calls monitoring. Our approach differs from the above by shifting the focus from removing the problem to mitigating damages, to ensure data availability despite malware attacks. The aim is not to detect new ransomware samples, but simply to protect integrity and availability of private data. In other words, we interfere with ransomware usual behavior, intercepting I/O request packets and denying operations on user's valuable data.
Complete list of metadatas

Cited literature [4 references]  Display  Hide  Download
Contributor : Marie-France Sagot <>
Submitted on : Sunday, November 18, 2018 - 4:25:57 PM
Last modification on : Tuesday, November 20, 2018 - 1:17:53 AM
Document(s) archivé(s) le : Tuesday, February 19, 2019 - 12:56:24 PM


Files produced by the author(s)


  • HAL Id : hal-01925958, version 1



Giovanni Bottazzi, Giuseppe Italiano, Domenico Spera. Preventing Ransomware Attacks Through File System Filter Drivers. Second Italian Conference on Cyber Security, 2018, Milan, Italy. ⟨hal-01925958⟩



Record views


Files downloads