DOI QR코드

DOI QR Code

Design and Implementation of a Cloud-Based Recovery System against Ransomware Attacks

클라우드 기반 랜섬웨어 복구 시스템 설계 및 구현

  • Received : 2017.02.23
  • Accepted : 2017.06.08
  • Published : 2017.06.30

Abstract

In this paper, we propose a protection solution against intelligent Ransomware attacks by encrypting not only source files but also backup files of external storage. The system is designed to automatically back up to the cloud server at the time of file creation to perform monitoring and blocking in case a specific process affects the original file. When client creates or saves a file, both process identifiers, parent process identifiers, and executable file hash values are compared and protected by the whitelist. The file format that is changed by another process is monitored and blocked to prevent from suspicious behavior. By applying the system proposed in this paper, it is possible to protect against damage caused by the modification or deletion of files by Ransomware.

Acknowledgement

Grant : 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발

Supported by : 정보통신기술진흥센터

References

  1. "Threat analysis report for the first half of 2016" TrendMicro, 2016.
  2. Ward, Mark. "Cryptolocker victims to get files back for free." BBC News, 2014.
  3. Pathak, P. B., and Yeshwant Mahavidyalaya Nanded, "A dangerous trend of cybercrime: Ransomware growing challenge," International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) 2016
  4. Jaeyeon Moon and Younghyun Chang, "Ransomware Analysis and Method for Minimize the Damage," The Journal of the Convergence on Culture Technology, 2016, p79-85
  5. Oh, Joo-Hyung, Im, Chae-Tae and Jeong, Hyun-Cheol. "Technical Trends and Response Methods of Drive-by Download," Communications of the Korean Institute of Information Scientists and Engineers, 28.
  6. Richet and Jean-Loup, "Extortion on the Internet: the Rise of Crypto-Ransomware." Harvard University. Retrieved October, 2015
  7. Nolen Scaife, Henry Carter, Patrick Traynor and Kevin R.B. Butler, "CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data," International Conference on Distributed Computing Systems, 2016.
  8. Richardson Ronny and Max North, "Ransomware: Evolution, Mitigation and Prevention." International Management Review 13.1, 2017
  9. Miss. Harshada U. Salvi, and Mr. Ravidra V. Kerkar, "Ransomware: A Cyber Extortion," Asian Journal of Cenvergence in Technology, 2015.
  10. Moore, Chris. "Detecting Ransomware with Honeypot Techniques." Cybersecurity and Cyberforensics Conference (CCC), IEEE, 2016, p77-81