Publication:
A survey on detection techniques for cryptographic ransomware

Consultable a partir de

Date

2019

Director

Publisher

IEEE
Acceso abierto / Sarbide irekia
Artículo / Artikulua
Versión publicada / Argitaratu den bertsioa

Project identifier

MINECO//TEC2015-69417-C2-2-R/ES/recolecta

Abstract

Crypto-ransomware is a type of malware that encrypts user files, deletes the original data, and asks for a ransom to recover the hijacked documents. It is a cyber threat that targets both companies and residential users, and has spread in recent years because of its lucrative results. Several articles have presented classifications of ransomware families and their typical behaviour. These insights have stimulated the creation of detection techniques for antivirus and firewall software. However, because the ransomware scene evolves quickly and aggressively, these studies quickly become outdated. In this study, we surveyed the detection techniques that the research community has developed in recent years. We compared the different approaches and classified the algorithms based on the input data they obtain from ransomware actions, and the decision procedures they use to reach a classification decision between benign or malign applications. This is a detailed survey that focuses on detection algorithms, compared to most previous studies that offer a survey of ransomware families or isolated proposals of detection algorithms. We also compared the results of these proposals.

Description

Keywords

Computer security, Malware detection, Ransomware

Department

Ingeniaritza Elektrikoa, Elektronikoaren eta Telekomunikazio Ingeniaritzaren / Institute of Smart Cities - ISC / Ingeniería Eléctrica, Electrónica y de Comunicación

Faculty/School

Degree

Doctorate program

item.page.cita

item.page.rights

This work is licensed under a Creative Commons Attribution 4.0 License.

Los documentos de Academica-e están protegidos por derechos de autor con todos los derechos reservados, a no ser que se indique lo contrario.