IRIS

Over the last years ransomware attacks have been widely spreading over the Internet, indiscriminately targeting home users as well as corporates and public agencies. Several approaches have been proposed to analyze and detect ransomware intrusions in literature, moving from combined heuristics, behavior analysis, sandbox-based solutions and machine learning techniques to function calls monitoring. Our approach differs from the above by shifting the focus from removing the problem to mitigating damages, to ensure data availability despite malware attacks. The aim is not to detect new ransomware samples, but simply to protect integrity and availability of private data. In other words, we interfere with ransomware usual behavior, intercepting I/O request packets and denying operations on user's valuable data.

Bottazzi, G., Italiano, G., Spera, D. (2018). Preventing ransomware attacks through file system filter drivers. In CEUR Workshop Proceedings: 2nd Italian Conference on Cyber Security, ITASEC 2018. CEUR-WS.

Preventing ransomware attacks through file system filter drivers

Bottazzi, G;Italiano, GF;
2018-01-01

Abstract

Over the last years ransomware attacks have been widely spreading over the Internet, indiscriminately targeting home users as well as corporates and public agencies. Several approaches have been proposed to analyze and detect ransomware intrusions in literature, moving from combined heuristics, behavior analysis, sandbox-based solutions and machine learning techniques to function calls monitoring. Our approach differs from the above by shifting the focus from removing the problem to mitigating damages, to ensure data availability despite malware attacks. The aim is not to detect new ransomware samples, but simply to protect integrity and availability of private data. In other words, we interfere with ransomware usual behavior, intercepting I/O request packets and denying operations on user's valuable data.
Italian conference on cyber security, 2. (ITASEC 2018)
ita
2018
CISCO
Rilevanza internazionale
2018
Settore ING-INF/05 - SISTEMI DI ELABORAZIONE DELLE INFORMAZIONI
English
Computer Science (all)
Code 134026
http://ceur-ws.org/Vol-2058/paper-08.pdf
Intervento a convegno
Bottazzi, G., Italiano, G., Spera, D. (2018). Preventing ransomware attacks through file system filter drivers. In CEUR Workshop Proceedings: 2nd Italian Conference on Cyber Security, ITASEC 2018. CEUR-WS.
Bottazzi, G; Italiano, G; Spera, D
02 - Intervento a convegno
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2108/201098
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact