2018 | OriginalPaper | Book chapter
RWGuard: A Real-Time Detection System Against Cryptographic Ransomware
Written by: Shagufta Mehnaz, Anand Mudgerikar, Elisa Bertino
Published in: Research in Attacks, Intrusions, and Defenses
Abstract
RWGuard, which is able to detect crypto-ransomware in real-time on a user’s machine by (1) deploying decoy techniques, (2) carefully monitoring both the running processes and the file system for malicious activities, and (3) omitting benign file changes from being flagged through the learning of users’ encryption behavior. We evaluate our system against samples from 14 most prevalent ransomware families to date. Our experiments show that RWGuard is effective in real-time detection of ransomware with zero false negative and negligible false positive (\(\sim\)0.1%) rates while incurring an overhead of only \(\sim\)1.9%.