Visible to the public Biblio

Found 4273 results

Filters: Keyword is Resiliency  [Clear All Filters]
2019-10-08
Kim, S., Jin, S., Lee, Y., Park, B., Kim, H., Hong, S..  2018.  Single Trace Side Channel Analysis on Quantum Key Distribution. 2018 International Conference on Information and Communication Technology Convergence (ICTC). :736–739.

The security of current key exchange protocols such as Diffie-Hellman key exchange is based on the hardness of number theoretic problems. However, these key exchange protocols are threatened by weak random number generators, advances to CPU power, a new attack from the eavesdropper, and the emergence of a quantum computer. Quantum Key Distribution (QKD) addresses these challenges by using quantum properties to exchange a secret key without the risk of being intercepted. Recent developments on the QKD system resulted in a stable key generation with fewer errors so that the QKD system is rapidly becoming a solid commercial proposition. However, although the security of the QKD system is guaranteed by quantum physics, its careless implementation could make the system vulnerable. In this paper, we proposed the first side-channel attack on plug-and-play QKD system. Through a single electromagnetic trace obtained from the phase modulator on Alice's side, we were able to classify the electromagnetic trace into four classes, which corresponds to the number of bit and basis combination in the BB84 protocol. We concluded that the plug-and-play QKD system is vulnerable to side-channel attack so that the countermeasure must be considered.

Agrawal, Shashank, Mohassel, Payman, Mukherjee, Pratyay, Rindal, Peter.  2018.  DiSE: Distributed Symmetric-Key Encryption. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1993–2010.

Threshold cryptography provides a mechanism for protecting secret keys by sharing them among multiple parties, who then jointly perform cryptographic operations. An attacker who corrupts up to a threshold number of parties cannot recover the secrets or violate security. Prior works in this space have mostly focused on definitions and constructions for public-key cryptography and digital signatures, and thus do not capture the security concerns and efficiency challenges of symmetric-key based applications which commonly use long-term (unprotected) master keys to protect data at rest, authenticate clients on enterprise networks, and secure data and payments on IoT devices. We put forth the first formal treatment for distributed symmetric-key encryption, proposing new notions of correctness, privacy and authenticity in presence of malicious attackers. We provide strong and intuitive game-based definitions that are easy to understand and yield efficient constructions. We propose a generic construction of threshold authenticated encryption based on any distributed pseudorandom function (DPRF). When instantiated with the two different DPRF constructions proposed by Naor, Pinkas and Reingold (Eurocrypt 1999) and our enhanced versions, we obtain several efficient constructions meeting different security definitions. We implement these variants and provide extensive performance comparisons. Our most efficient instantiation uses only symmetric-key primitives and achieves a throughput of upto 1 million encryptions/decryptions per seconds, or alternatively a sub-millisecond latency with upto 18 participating parties.

Hajomer, A. A. E., Yang, X., Sultan, A., Sun, W., Hu, W..  2018.  Key Generation and Distribution Using Phase Fluctuation in Classical Fiber Channel. 2018 20th International Conference on Transparent Optical Networks (ICTON). :1–3.

We propose a secure key generation and distribution scheme for data encryption in classical optical fiber channel. A Delay interferometer (DI) is used to track the random phase fluctuation inside fiber, while the reconfigurable lengths of polarization-maintaining (PM) fiber are set as the source of optical phase fluctuations. The output signals from DI are extracted as the secret key and shared between the two-legal transmitter and receiver. Because of the randomness of local environment and the uniqueness of fiber channel, the phase fluctuation between orthogonal polarization modes (OPMs) can be used as secure keys to enhance the level of security in physical layer. Experimentally, we realize the random key generation and distribution over 25-km standard single-mode fiber (SSMF). Moreover, the proposed key generation scheme has the advantages of low cost, compatible with current optical fiber networks and long distance transmission with optical amplifiers.

Tripathi, S. K., Pandian, K. K. S., Gupta, B..  2018.  Hardware Implementation of Dynamic Key Value Based Stream Cipher Using Chaotic Logistic Map. 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI). :1104–1108.

In the last few decades, the relative simplicity of the logistic map made it a widely accepted point in the consideration of chaos, which is having the good properties of unpredictability, sensitiveness in the key values and ergodicity. Further, the system parameters fit the requirements of a cipher widely used in the field of cryptography, asymmetric and symmetric key chaos based cryptography, and for pseudorandom sequence generation. Also, the hardware-based embedded system is configured on FPGA devices for high performance. In this paper, a novel stream cipher using chaotic logistic map is proposed. The two chaotic logistic maps are coded using Verilog HDL and implemented on commercially available FPGA hardware using Xilinx device: XC3S250E for the part: FT256 and operated at frequency of 62.20 MHz to generate the non-recursive key which is used in key scheduling of pseudorandom number generation (PRNG) to produce the key stream. The realization of proposed cryptosystem in this FPGA device accomplishes the improved efficiency equal to 0.1186 Mbps/slice. Further, the generated binary sequence from the experiment is analyzed for X-power, thermal analysis, and randomness tests are performed using NIST statistical.

Liu, Y., Yuan, X., Li, M., Zhang, W., Zhao, Q., Zhong, J., Cao, Y., Li, Y., Chen, L., Li, H. et al..  2018.  High Speed Device-Independent Quantum Random Number Generation without Detection Loophole. 2018 Conference on Lasers and Electro-Optics (CLEO). :1–2.

We report a an experimental study of device-independent quantum random number generation based on an detection-loophole free Bell test with entangled photons. After considering statistical fluctuations and applying an 80 Gb × 45.6 Mb Toeplitz matrix hashing, we achieve a final random bit rate of 114 bits/s, with a failure probability less than 10-5.

Lauer, Sebastian.  2018.  On Several Verifiable Random Functions and the Q-Decisional Bilinear Diffie-Hellman Inversion Assumption. Proceedings of the 5th ACM on ASIA Public-Key Cryptography Workshop. :45–51.

In 1999, Micali, Rabin and Vadhan introduced the notion of Verifiable Random Functions (VRF)$\backslash$citeFOCS:MicRabVad99. VRFs compute for a given input x and a secret key \$sk\$ a unique function value \$y=V\_sk (x)\$, and additionally a publicly verifiable proof $π$. Each owner of the corresponding public key \$pk\$ can use the proof to non-interactivly verify that the function value was computed correctly. Furthermore, the function value provides the property of pseudorandomness. Most constructions in the past are based on q-type assumptions. Since these assumptions get stronger for a larger factor q, it is desirable to show the existence of VRFs under static or general assumptions. In this work we will show for the constructions presented in $\backslash$citePKC:DodYam05 $\backslash$citeCCS:BonMonRag10 the equivalence of breaking the VRF and solving the underlying q-type assumption.

Jiang, Zhengshen, Liu, Hongzhi, Fu, Bin, Wu, Zhonghai, Zhang, Tao.  2018.  Recommendation in Heterogeneous Information Networks Based on Generalized Random Walk Model and Bayesian Personalized Ranking. Proceedings of the Eleventh ACM International Conference on Web Search and Data Mining. :288–296.

Recommendation based on heterogeneous information network(HIN) is attracting more and more attention due to its ability to emulate collaborative filtering, content-based filtering, context-aware recommendation and combinations of any of these recommendation semantics. Random walk based methods are usually used to mine the paths, weigh the paths, and compute the closeness or relevance between two nodes in a HIN. A key for the success of these methods is how to properly set the weights of links in a HIN. In existing methods, the weights of links are mostly set heuristically. In this paper, we propose a Bayesian Personalized Ranking(BPR) based machine learning method, called HeteLearn, to learn the weights of links in a HIN. In order to model user preferences for personalized recommendation, we also propose a generalized random walk with restart model on HINs. We evaluate the proposed method in a personalized recommendation task and a tag recommendation task. Experimental results show that our method performs significantly better than both the traditional collaborative filtering and the state-of-the-art HIN-based recommendation methods.

Fan, Xinxin, Chai, Qi.  2018.  Roll-DPoS: A Randomized Delegated Proof of Stake Scheme for Scalable Blockchain-Based Internet of Things Systems. Proceedings of the 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. :482–484.

Delegated Proof-of-Stake (DPoS) is an efficient, decentralized, and flexible consensus framework available in the blockchain industry. However, applying DPoS to the decentralized Internet of Things (IoT) applications is quite challenging due to the nature of IoT systems such as large-scale deployments and huge amount of data. To address the unique challenge for IoT based blockchain applications, we present Roll-DPoS, a randomized delegated proof of stake algorithm. Roll-DPoS inherits all the advantages of the original DPoS consensus framework and further enhances its capability in terms of decentralization as well as extensibility to complex blockchain architectures. A number of modern cryptographic techniques have been utilized to optimize the consensus process with respect to the computational and communication overhead.

Amellal, H., Meslouhi, A., El Allati, A..  2018.  Effectiveness of Quantum Algorithms on Classical Computing Complexities. Proceedings of the 3rd International Conference on Smart City Applications. :34:1–34:3.

In this paper, we analyze the effectiveness of quantum algorithms to solve some classical computing complexities. In fact, we focus in this study on several famous quantum algorithms, where we discussed their impact on classical computing using in computer science.

del Pino, Rafael, Lyubashevsky, Vadim, Seiler, Gregor.  2018.  Lattice-Based Group Signatures and Zero-Knowledge Proofs of Automorphism Stability. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :574–591.

We present a group signature scheme, based on the hardness of lattice problems, whose outputs are more than an order of magnitude smaller than the currently most efficient schemes in the literature. Since lattice-based schemes are also usually non-trivial to efficiently implement, we additionally provide the first experimental implementation of lattice-based group signatures demonstrating that our construction is indeed practical – all operations take less than half a second on a standard laptop. A key component of our construction is a new zero-knowledge proof system for proving that a committed value belongs to a particular set of small size. The sets for which our proofs are applicable are exactly those that contain elements that remain stable under Galois automorphisms of the underlying cyclotomic number field of our lattice-based protocol. We believe that these proofs will find applications in other settings as well. The motivation of the new zero-knowledge proof in our construction is to allow the efficient use of the selectively-secure signature scheme (i.e. a signature scheme in which the adversary declares the forgery message before seeing the public key) of Agrawal et al. (Eurocrypt 2010) in constructions of lattice-based group signatures and other privacy protocols. For selectively-secure schemes to be meaningfully converted to standard signature schemes, it is crucial that the size of the message space is not too large. Using our zero-knowledge proofs, we can strategically pick small sets for which we can provide efficient zero-knowledge proofs of membership.

Bellini, Emanuele, Caullery, Florian, Hasikos, Alexandros, Manzano, Marc, Mateu, Victor.  2018.  You Shall Not Pass! (Once Again): An IoT Application of Post-Quantum Stateful Signature Schemes. Proceedings of the 5th ACM on ASIA Public-Key Cryptography Workshop. :19–24.

This paper presents an authentication protocol specifically tailored for IoT devices that inherently limits the number of times that an entity can authenticate itself with a given key pair. The protocol we propose is based on a stateful hash-based digital signature system called eXtended Merkle Signature Scheme (XMSS), which has increased its popularity of late due to its resistance to quantum-computer-aided attacks. We propose a 1-pass authentication protocol that can be customized according to the server capabilities to keep track of the key pair state. In addition, we present results when ported to ARM Cortex-M3 and M0 processors.

Khalid, Ayesha, Oder, Tobias, Valencia, Felipe, O' Neill, Maire, Güneysu, Tim, Regazzoni, Francesco.  2018.  Physical Protection of Lattice-Based Cryptography: Challenges and Solutions. Proceedings of the 2018 on Great Lakes Symposium on VLSI. :365–370.

The impending realization of scalable quantum computers will have a significant impact on today's security infrastructure. With the advent of powerful quantum computers public key cryptographic schemes will become vulnerable to Shor's quantum algorithm, undermining the security current communications systems. Post-quantum (or quantum-resistant) cryptography is an active research area, endeavoring to develop novel and quantum resistant public key cryptography. Amongst the various classes of quantum-resistant cryptography schemes, lattice-based cryptography is emerging as one of the most viable options. Its efficient implementation on software and on commodity hardware has already been shown to compete and even excel the performance of current classical security public-key schemes. This work discusses the next step in terms of their practical deployment, i.e., addressing the physical security of lattice-based cryptographic implementations. We survey the state-of-the-art in terms of side channel attacks (SCA), both invasive and passive attacks, and proposed countermeasures. Although the weaknesses exposed have led to countermeasures for these schemes, the cost, practicality and effectiveness of these on multiple implementation platforms, however, remains under-studied.

Arslan, B., Ulker, M., Akleylek, S., Sagiroglu, S..  2018.  A Study on the Use of Quantum Computers, Risk Assessment and Security Problems. 2018 6th International Symposium on Digital Forensic and Security (ISDFS). :1–6.

In the computer based solutions of the problems in today's world; if the problem has a high complexity value, different requirements can be addressed such as necessity of simultaneous operation of many computers, the long processing times for the operation of algorithms, and computers with hardware features that can provide high performance. For this reason, it is inevitable to use a computer based on quantum physics in the near future in order to make today's cryptosystems unsafe, search the servers and other information storage centers on internet very quickly, solve optimization problems in the NP-hard category with a very wide solution space and analyze information on large-scale data processing and to process high-resolution image for artificial intelligence applications. In this study, an examination of quantum approaches and quantum computers, which will be widely used in the near future, was carried out and the areas in which such innovation can be used was evaluated. Malicious or non-malicious use of quantum computers with this capacity, the advantages and disadvantages of the high performance which it provides were examined under the head of security, the effect of this recent technology on the existing security systems was investigated.

Katz, Jonathan, Kolesnikov, Vladimir, Wang, Xiao.  2018.  Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :525–537.

Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the "MPC-in-the-head" paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300–100,000 AND\textasciitildegates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with "post-quantum" security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

Krawec, Walter O., Markelon, Sam A..  2018.  Genetic Algorithm to Study Practical Quantum Adversaries. Proceedings of the Genetic and Evolutionary Computation Conference. :1270–1277.

In this paper we show how genetic algorithms can be effectively applied to study the security of arbitrary quantum key distribution (QKD) protocols when faced with adversaries limited to current-day technology. We compare two approaches, both of which take into account practical limitations on the quantum power of an adversary (which can be specified by the user). Our system can be used to determine upper-bounds on noise tolerances of novel QKD protocols in this scenario, thus making it a useful tool for researchers. We compare our algorithm's results with current known numerical results, and also evaluate it on newer, more complex, protocols where no results are currently known.

Anitha, R., Vijayalakshmi, B..  2018.  SIMULATION OF QUANTUM ENCODER DECODER WITH FLIP BIT ERROR CORRECTION USING REVERSIBLE QUANTUM GATES. 2018 International Conference on Recent Trends in Electrical, Control and Communication (RTECC). :99–102.

Quantum technology is a new field of physics and engineering. In emerging areas like Quantum Cryptography, Quantum Computing etc, Quantum circuits play a key role. Quantum circuit is a model for Quantum computation, the computation process of Quantum gates are based on reversible logic. Encoder and Decoder are designed using Quantum gates, and synthesized in the QCAD simulator. Quantum error correction (QEC) is essential to protect quantum information from errors due to quantum noise and decoherence. It is also use to achieve fault-tolerant quantum computation that deals with noise on stored information, faulty quantum gates and faulty measurements.

Rahman, M. S., Hossam-E-Haider, M..  2019.  Quantum IoT: A Quantum Approach in IoT Security Maintenance. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :269–272.

Securing Internet of things is a major concern as it deals with data that are personal, needed to be reliable, can direct and manipulate device decisions in a harmful way. Also regarding data generation process is heterogeneous, data being immense in volume, complex management. Quantum Computing and Internet of Things (IoT) coined as Quantum IoT defines a concept of greater security design which harness the virtue of quantum mechanics laws in Internet of Things (IoT) security management. Also it ensures secured data storage, processing, communication, data dynamics. In this paper, an IoT security infrastructure is introduced which is a hybrid one, with an extra layer, which ensures quantum state. This state prevents any sort of harmful actions from the eavesdroppers in the communication channel and cyber side, by maintaining its state, protecting the key by quantum cryptography BB84 protocol. An adapted version is introduced specific to this IoT scenario. A classical cryptography system `One-Time pad (OTP)' is used in the hybrid management. The novelty of this paper lies with the integration of classical and quantum communication for Internet of Things (IoT) security.

2019-10-07
Aidan, J. S., Zeenia, Garg, U..  2018.  Advanced Petya Ransomware and Mitigation Strategies. 2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC). :23–28.

In this cyber era, the cyber threats have reached a new level of menace and maturity. One of the major threat in this cyber world nowadays is ransomware attack which had affected millions of computers. Ransomware locks the valuable data with often unbreakable encryption codes making it inaccessible for both organization and consumers, thus demanding heavy ransom to decrypt the data. In this paper, advanced and improved version of the Petya ransomware has been introduced which has a reduced anti-virus detection of 33% which actually was 71% with the original version. System behavior is also monitored during the attack and analysis of this behavior is performed and described. Along with the behavioral analysis two mitigation strategies have also been proposed to defend the systems from the ransomware attack. This multi-layered approach for the security of the system will minimize the rate of infection as cybercriminals continue to refine their tactics, making it difficult for the organization's complacent development.

Sang, Dinh Viet, Cuong, Dang Manh, Cuong, Le Tran Bao.  2018.  An Effective Ensemble Deep Learning Framework for Malware Detection. Proceedings of the Ninth International Symposium on Information and Communication Technology. :192–199.
Malware (or malicious software) is any program or file that brings harm to a computer system. Malware includes computer viruses, worms, trojan horses, rootkit, adware, ransomware and spyware. Due to the explosive growth in number and variety of malware, the demand of improving automatic malware detection has increased. Machine learning approaches are a natural choice to deal with this problem since they can automatically discover hidden patterns in large-scale datasets to distinguish malware from benign. In this paper, we propose different deep neural network architectures from simple to advanced ones. We then fuse hand-crafted and deep features, and combine all models together to make an overall effective ensemble framework for malware detection. The experiment results demonstrate the efficiency of our proposed method, which is capable to detect malware with accuracy of 96.24% on our large real-life dataset.
Cusack, Greg, Michel, Oliver, Keller, Eric.  2018.  Machine Learning-Based Detection of Ransomware Using SDN. Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. :1–6.
The growth of malware poses a major threat to internet users, governments, and businesses around the world. One of the major types of malware, ransomware, encrypts a user's sensitive information and only returns the original files to the user after a ransom is paid. As malware developers shift the delivery of their product from HTTP to HTTPS to protect themselves from payload inspection, we can no longer rely on deep packet inspection to extract features for malware identification. Toward this goal, we propose a solution leveraging a recent trend in networking hardware, that is programmable forwarding engines (PFEs). PFEs allow collection of per-packet, network monitoring data at high rates. We use this data to monitor the network traffic between an infected computer and the command and control (C&C) server. We extract high-level flow features from this traffic and use this data for ransomware classification. We write a stream processor and use a random forest, binary classifier to utilizes these rich flow records in fingerprinting malicious, network activity without the requirement of deep packet inspection. Our classification model achieves a detection rate in excess of 0.86, while maintaining a false negative rate under 0.11. Our results suggest that a flow-based fingerprinting method is feasible and accurate enough to catch ransomware before encryption.
Monge, Marco Antonio Sotelo, Vidal, Jorge Maestre, Villalba, Luis Javier García.  2018.  A Novel Self-Organizing Network Solution Towards Crypto-ransomware Mitigation. Proceedings of the 13th International Conference on Availability, Reliability and Security. :48:1–48:10.
In the last decade, crypto-ransomware evolved from a family of malicious software with scarce repercussion in the research community, to a sophisticated and highly effective intrusion method positioned in the spotlight of the main organizations for cyberdefense. Its modus operandi is characterized by fetching the assets to be blocked, their encryption, and triggering an extortion process that leads the victim to pay for the key that allows their recovery. This paper reviews the evolution of crypto-ransomware focusing on the implication of the different advances in communication technologies that empowered its popularization. In addition, a novel defensive approach based on the Self-Organizing Network paradigm and the emergent communication technologies (e.g. Software-Defined Networking, Network Function Virtualization, Cloud Computing, etc.) is proposed. They enhance the orchestration of smart defensive deployments that adapt to the status of the monitoring environment and facilitate the adoption of previously defined risk management policies. In this way it is possible to efficiently coordinate the efforts of sensors and actuators distributed throughout the protected environment without supervision by human operators, resulting in greater protection with increased viability
Genç, Ziya Alper, Lenzini, Gabriele, Ryan, Peter Y.A..  2018.  Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware. Proceedings of the Central European Cybersecurity Conference 2018. :7:1–7:6.
To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding the advantages and disadvantages of each method is essential to develop robust defense strategies. In this paper we explain the techniques used by ransomware to derive encryption keys and analyze the security of each approach. We argue that recovery of data might be possible if the ransomware cannot access high entropy randomness sources. As an evidence to support our theoretical results, we provide a decryptor program for a previously undefeated ransomware.
Kara, I., Aydos, M..  2018.  Static and Dynamic Analysis of Third Generation Cerber Ransomware. 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT). :12–17.

Cyber criminals have been extensively using malicious Ransomware software for years. Ransomware is a subset of malware in which the data on a victim's computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim. The motives for such attacks are not only limited to economical scumming. Illegal attacks on official databases may also target people with political or social power. Although billions of dollars have been spent for preventing or at least reducing the tremendous amount of losses, these malicious Ransomware attacks have been expanding and growing. Therefore, it is critical to perform technical analysis of such malicious codes and, if possible, determine the source of such attacks. It might be almost impossible to recover the affected files due to the strong encryption imposed on such files, however the determination of the source of Ransomware attacks have been becoming significantly important for criminal justice. Unfortunately, there are only a few technical analysis of real life attacks in the literature. In this work, a real life Ransomware attack on an official institute is investigated and fully analyzed. The analysis have been performed by both static and dynamic methods. The results show that the source of the Ransomware attack has been shown to be traceable from the server's whois information.

Agrawal, R., Stokes, J. W., Selvaraj, K., Marinescu, M..  2019.  Attention in Recurrent Neural Networks for Ransomware Detection. ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :3222–3226.

Ransomware, as a specialized form of malicious software, has recently emerged as a major threat in computer security. With an ability to lock out user access to their content, recent ransomware attacks have caused severe impact at an individual and organizational level. While research in malware detection can be adapted directly for ransomware, specific structural properties of ransomware can further improve the quality of detection. In this paper, we adapt the deep learning methods used in malware detection for detecting ransomware from emulation sequences. We present specialized recurrent neural networks for capturing local event patterns in ransomware sequences using the concept of attention mechanisms. We demonstrate the performance of enhanced LSTM models on a sequence dataset derived by the emulation of ransomware executables targeting the Windows environment.

Paik, Joon-Young, Choi, Joong-Hyun, Jin, Rize, Wang, Jianming, Cho, Eun-Sun.  2018.  A Storage-level Detection Mechanism Against Crypto-Ransomware. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :2258–2260.
Ransomware represents a significant threat to both individuals and organizations. Moreover, the emergence of ransomware that exploits kernel vulnerabilities poses a serious detection challenge. In this paper, we propose a novel ransomware detection mechanism at a storage device, especially a flash-based storage device. To this end, we design a new buffer management policy that allows our detector to identify ransomware behaviors. Our mechanism detects a realistic ransomware sample with little negative impacts on the hit ratios of the buffers internally located in a storage device.