Preventing ransomware attacks through file system filter drivers

Over the last years ransomware attacks have been widely spreading over the Internet, indiscriminately targeting home users as well as corporates and public agencies. Several approaches have been proposed to analyze and detect ransomware intrusions in literature, moving from combined heuristics, behavior analysis, sandbox-based solutions and machine learning techniques to function calls monitoring. Our approach differs from the above by shifting the focus from removing the problem to mitigating damages, to ensure data availability despite malware attacks. The aim is not to detect new ransomware samples, but simply to protect integrity and availability of private data. In other words, we interfere with ransomware usual behavior, intercepting I/O request packets and denying operations on user's valuable data.

Bottazzi, G., Italiano, G., & Spera, D. (2018). Preventing ransomware attacks through file system filter drivers. In CEUR Workshop Proceedings: 2nd Italian Conference on Cyber Security, ITASEC 2018. CEUR-WS.

Autori: 
BOTTAZZI, GIOVANNI  
ITALIANO, GIUSEPPE FRANCESCO  
mostra contributor esterni 
Autori: Bottazzi, G; Italiano, G; Spera, D
Titolo: Preventing ransomware attacks through file system filter drivers
Nome del convegno: Italian conference on cyber security, 2. (ITASEC 2018)
Luogo del convegno: ita
Anno del convegno: 2018
Enti collegati al convegno: CISCO
Rilevanza: Rilevanza internazionale
Data di pubblicazione: 2018
Settore Scientifico Disciplinare: Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
Lingua: English
Altre informazioni significative: Code 134026
URL: http://ceur-ws.org/Vol-2058/paper-08.pdf
Tipologia: Intervento a convegno
Citazione: Bottazzi, G., Italiano, G., & Spera, D. (2018). Preventing ransomware attacks through file system filter drivers. In CEUR Workshop Proceedings: 2nd Italian Conference on Cyber Security, ITASEC 2018. CEUR-WS.
Appare nelle tipologie:02 - Intervento a convegno

File in questo prodotto:
Non ci sono file associati a questo prodotto.
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/2108/201098
  • Citazioni
  • PubMed Central ND
  • Scopus
  • WOS ND
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2022