Applying staged event-driven access control to combat ransomware

McIntosh, Timothy R.; Kayes, A. S. M.; Chen, Yi‐Ping Phoebe; Ng, Alex; Watters, Paul A.

doi:10.1016/j.cose.2023.103160

Cited by 31 publications

(40 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Research has always advocated for a multi-layered security approach to effectively mitigate ransomware threats on mobile devices [30,28,31]. Traditional antivirus solutions have been found somewhat effective but insufficient alone due to the dynamic nature of ransomware attacks [13,32,33].…”

Section: Mitigation Techniquesmentioning

confidence: 99%

An Effective Strategy for Ransomware Mitigation on Android Devices via Android OS File System API

Ozturk,

Yilmaz,

Arslan

et al. 2024

Preprint

View full text Add to dashboard Cite

The development and effectiveness of an API-based system for mitigating ransomware threats on Android devices was explored in this study. Leveraging the Android/Linux file system API, the proposed system enhances the detection and prevention of ransomware by monitoring suspicious file system activities. The methodology includes extensive testing across various Android models and versions, demonstrating a high detection rate with minimal false positives. Results indicate that integrating system-level APIs into security frameworks significantly improves response times and device integrity against ransomware attacks. This paper contributes to mobile cybersecurity by providing a scalable and effective strategy for ransomware mitigation, proposing future enhancements with advanced predictive algorithms and broader system integration.

show abstract

Section: Mitigation Techniquesmentioning

confidence: 99%

An Effective Strategy for Ransomware Mitigation on Android Devices via Android OS File System API

Ozturk,

Yilmaz,

Arslan

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Historically, ransomware mitigation on desktop systems has focused on a combination of real-time threat detection, user education, and backup strategies [7,8]. Techniques such as heuristic analysis, sandboxing, and signature-based detection were commonly employed to identify and neutralize threats before they could execute their payloads [9,10,11,12].…”

Section: Ransomware Mitigation On Desktop Computersmentioning

confidence: 99%

“…In the mobile context, ransomware mitigation strategies leveraged unique aspects of mobile operating systems, such as application sandboxing and stricter app store policies [21,7,22]. Efforts were primarily concentrated on preventing the installation of malicious apps through vetted app store mechanisms and using mobile security solutions that monitored for suspicious behaviors [22,23].…”

Section: Ransomware Mitigation On Mobile Devicesmentioning

confidence: 99%

Leveraging File System Characteristics for Ransomware Mitigation in Linux Operating System Environments

Guo,

Liang,

Long

2024

Preprint

View full text Add to dashboard Cite

A novel approach to mitigating ransomware attacks on Linux systems is introduced in this study, which capitalizes on the unique characteristics of the Linux file system. This method significantly deviates from traditional ransomware mitigation strategies that primarily depend on reactive detection algorithms. Instead, it introduces proactive system-level enhancements that preemptively secure file systems against a spectrum of both known and emerging ransomware threats. The core innovation of this approach lies in its strategic utilization of the structural benefits of Linux file system architectures, providing a robust framework for shielding against sophisticated and evolving ransomware attacks. These enhancements not only bolster security but also ensure minimal impact on system performance, thereby offering a balanced and effective solution to the persistent challenge of ransomware in Linux environments. By integrating behavior-based detection mechanisms with real-time system monitoring, this approach demonstrates a substantial improvement in both detection accuracy and response times, setting a new standard for ransomware defense strategies in Linux systems.

show abstract

“…Historical analyses of ransomware mitigation strategies highlighted the initial reliance on signature-based detection methods, which were quickly found to be ineffective against polymorphic and zero-day attacks [26,27,28,29]. The development of behavior-based detection tools represented a significant advancement, offering the ability to identify ransomware based on its actions rather than its signature [1,30,31].…”

Section: Existing Ransomware Detection and Prevention Toolsmentioning

confidence: 99%

RanAway: A Novel Ransomware-Resilient ReFS File System

Long,

Liang

2024

Preprint

View full text Add to dashboard Cite

Ransomware has emerged as a pervasive threat in the cybersecurity landscape, characterized by its ability to encrypt critical data and demand ransom for its release. Traditional cybersecurity defenses often fall short against sophisticated ransomware attacks due to their reliance on signature-based detection mechanisms and inadequate preventive measures. This paper introduces RanAway, an innovative solution designed to enhance ransomware resilience by leveraging the advanced features of the Microsoft Resilient File System (ReFS). Unlike conventional file systems, ReFS offers enhanced data integrity, automatic error correction, and robust resistance to data degradation—features that are crucial for mitigating the impact of ransomware attacks. RanAway integrates with ReFS to provide real-time monitoring of file system operations, employing heuristic and behavior-based algorithms to detect and prevent ransomware activities effectively. Our findings demonstrate RanAway's significant potential in reducing the risk of ransomware attacks, highlighting its contributions to the field of cybersecurity through innovative use of file system technologies for threat resilience. The deployment of RanAway represents a paradigm shift towards a more integrated and system-level approach in combating ransomware, offering a blueprint for future developments in cybersecurity defenses.

show abstract

Applying staged event-driven access control to combat ransomware

Cited by 31 publications

References 28 publications

An Effective Strategy for Ransomware Mitigation on Android Devices via Android OS File System API

An Effective Strategy for Ransomware Mitigation on Android Devices via Android OS File System API

Leveraging File System Characteristics for Ransomware Mitigation in Linux Operating System Environments

RanAway: A Novel Ransomware-Resilient ReFS File System

Contact Info

Product

Resources

About