Open repository for the evaluation of ransomware detection tools
Fecha
2020Autor
Versión
Acceso abierto / Sarbide irekia
Tipo
Artículo / Artikulua
Versión
Versión publicada / Argitaratu den bertsioa
Impacto
|
10.1109/ACCESS.2020.2984187
Resumen
Crypto-ransomware is a type of malware that encrypts user files, deletes the original data, and asks for ransom to recover the hijacked documents. Several articles have presented detection techniques for this type of malware; these techniques are applied before the ransomware encrypts files or during its action in an infected host. The evaluation of these proposals has always been accomplished us ...
[++]
Crypto-ransomware is a type of malware that encrypts user files, deletes the original data, and asks for ransom to recover the hijacked documents. Several articles have presented detection techniques for this type of malware; these techniques are applied before the ransomware encrypts files or during its action in an infected host. The evaluation of these proposals has always been accomplished using sets of ransomware samples that are prepared locally for the research article, without making the data available. Different studies use different sets of samples and different evaluation metrics, resulting in insufficient comparability. In this paper, we describe a public data repository containing the file access operations of more than 70 ransomware samples during the encryption of a large network shared directory. These data have already been used successfully in the evaluation of a network-based ransomware detection algorithm. Now, we are making these data available to the community and describing their details, how they were captured, and how they can be used in the evaluation and comparison of the results of most ransomware detection techniques. [--]
Materias
Ransomware,
Open repository,
Traffic analysis
Editor
IEEE
Publicado en
IEEE Access, 2020, 8, 65658-65669
Departamento
Universidad Pública de Navarra. Departamento de Ingeniería Eléctrica, Electrónica y de Comunicación /
Nafarroako Unibertsitate Publikoa. Ingeniaritza Elektrikoa, Elektronikoa eta Telekomunikazio Ingeniaritza Saila /
Universidad Pública de Navarra/Nafarroako Unibertsitate Publikoa. Institute of Smart Cities - ISC
Versión del editor
Entidades Financiadoras
This work was supported by the Spanish MINECO under Project TEC2015-69417-C2-2-R and Project PID2019-104451RB-C22.