Visible to the public A Storage-level Detection Mechanism Against Crypto-Ransomware

TitleA Storage-level Detection Mechanism Against Crypto-Ransomware
Publication TypeConference Paper
Year of Publication2018
AuthorsPaik, Joon-Young, Choi, Joong-Hyun, Jin, Rize, Wang, Jianming, Cho, Eun-Sun
Conference NameProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5693-0
Keywordsbuffer, composability, Metrics, pubcrawl, ransomware, Resiliency, security, storage devices
AbstractRansomware represents a significant threat to both individuals and organizations. Moreover, the emergence of ransomware that exploits kernel vulnerabilities poses a serious detection challenge. In this paper, we propose a novel ransomware detection mechanism at a storage device, especially a flash-based storage device. To this end, we design a new buffer management policy that allows our detector to identify ransomware behaviors. Our mechanism detects a realistic ransomware sample with little negative impacts on the hit ratios of the buffers internally located in a storage device.
Citation Keypaik_storage-level_2018