JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Methodology for Intercepting the Ransomware Attacks Using File I/O Intervals
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Methodology for Intercepting the Ransomware Attacks Using File I/O Intervals
Youn, Jung-moo; Jo, Je-geong; Ryu, Jae-cheol;
  PDF(new window)
 Abstract
Ransomware was first created in 1999, but its existence become widely known in Korean by 2015. As information and communication technology have developed, the storage capacity of computer has enlarged, it accordingly is getting more important to effectively manage these information, rather than the information itself. In such situation, the ransomware break into other people`s computer and encrypt an files without a user`s permission. So, it adversely affect the user. In this paper, we monitor an access of a specific process to the file. And on the basis of this monitoring information, we detect whether the abnormal approach happened. Through the detection result, we block the permission about access to the file for a specific process. Using this method, we propose a blocking technique for the ransomeware`s abnormal approach and encryption to the files.
 Keywords
Ransomware;Detection;Block;
 Language
Korean
 Cited by
 References
1.
"Malware," https://en.wikipedia.org/wiki/Malware

2.
Bong-joon Kim, Woon-soo Kim, Jung-hwan Lee, Sin-hyuk Yim, Sang-geun Song, and Sang-jun Lee, "Design and Implementation of a Ransomware Prevention System using Process Monitoring on Android Platform", The Korean institute of information scientists and engineers, 2015(12), pp. 852-853, Dec. 2015

3.
Gates, Megan, "CYBERSECURITY As ransomware continues to spread, companies must decide whether to back up or pay up to get their data back," The american society for industrial security, vol. 59, no. 12, pp. 26-26, Dec. 2015

4.
Gyeong-sin Kim and Moon-sik Kang, "The next generation of cyber security issues and threats and countermeasures," The institute of electronics engineers of korea, 41(4), pp. 69-77, Apr. 2014

5.
"Operating System rate," http://www.koreahtml5.kr/jsp/infoSquare/browserUseStats.jsp

6.
"Ransom32," http://securityaffairs.co/wordpress/43250/cyber-crime/ransom32-crypto-ransomware.html

7.
Cyber THREAT ALLIANCE, "Lucrative Ransomware Attacks:Analysis of the CryptoWall Version 3 Threat," http://cyberthreatalliance.org/cryptowall-executive-summary.pdf

8.
"Ransomware Notable examples," https://en.wikipedia.org/wiki/Ransomware

9.
"Shelter," http://hummingbird.tistory.com/6196