Show simple item record

dc.contributor.authorGómez Herández, José Antonio
dc.contributor.authorÁlvarez González, Lucía
dc.contributor.authorGarcía Teodoro, Pedro 
dc.date.accessioned2019-04-01T06:23:02Z
dc.date.available2019-04-01T06:23:02Z
dc.date.issued2018-03
dc.identifier.urihttp://hdl.handle.net/10481/55284
dc.description.abstractRansomware has become a pandemic nowadays. Although some proposals exist to fight against this increasing type of extorsion, most of them are prevention like and rely on the assumption that early detection is not so effective once the victim is infected. This paper presents a novel approach intended not just to early detect ransomware but to completly thwart its action. For that, a set of honeyfiles are deployed around the target environment in order to catch the ransomware. Instead of being normal archives, honeyfiles are FIFO like, so that the ransomware is blocked once it starts reading the file. In addition to frustrate its action, our honeyfile solution is able to automatically launch countermeasures to solve the infection. Moreover, as it does not require previous training or knowledge, the approach allows fighting against unknown, zero-day ransomware related attacks. As a proof of concept, we have developed the approach for Unix platforms. The tool, named R-Locker, shows excellent performance both from the perspective of its accuracy as well as in terms of complexity and resource consumption. In addition, it has no special needs or privileges and does not affect the normal operation of the overall environment.es_ES
dc.language.isoenges_ES
dc.rightsAtribución-NoComercial-SinDerivadas 3.0 España*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/3.0/es/*
dc.subjectRansomwarees_ES
dc.subjectDetectiones_ES
dc.subjectCountermeasurees_ES
dc.subjectHoneyfilees_ES
dc.subjectSystem securityes_ES
dc.titleR-Locker: Thwarting Ransomware Action through a Honey le-based Approaches_ES
dc.typeinfo:eu-repo/semantics/articlees_ES
dc.rights.accessRightsinfo:eu-repo/semantics/openAccesses_ES
dc.identifier.doihttps://doi.org/10.1016/j.cose.2017.11.019


Files in this item

[PDF]

This item appears in the following Collection(s)

Show simple item record

Atribución-NoComercial-SinDerivadas 3.0 España
Except where otherwise noted, this item's license is described as Atribución-NoComercial-SinDerivadas 3.0 España