Terminating Ransomware Attack on User Files in Windows Endpoint

Ximenes, Abrao and Budiarto, Eka and Lim, Charles (2018) Terminating Ransomware Attack on User Files in Windows Endpoint. Masters thesis, Swiss German University.

Abstract

Ransomware is one of the most phenomenal threats faced by individuals, industries, organizations and governments nowadays. This type of malware holds user files, computers, mobile phones and other devices connected to networks and the Internet hostage, preventing users from accessing their data and devices. It leverages weaknesses in people, processes and technology to carry out its attack. This research proposes a method to terminate a ransomware attack on user files in its early stage of encryption. We monitor file operation activity in the file system using a minifilter driver, because the file operations performed by ransomware behave very differently. Ten ransomware families and more than 313 ransomware samples were used during this research project. The experiments and evaluation indicate that the proposed method can successfully terminate the ransomware.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Ransomware; User files Monitoring; Terminates Ransomware Activity; Minifilter; Minispy
Subjects: Q Science > QA Mathematics > QA76 Computer software >
T Technology > T Technology (General) > T58.5 Information technology
Divisions: Faculty of Engineering and Information Technology > Department of Information Technology
Depositing User: Astuti Kusumaningrum
Date Deposited: 09 Jul 2020 15:54
Last Modified: 09 Jul 2020 15:54
URI: http://repository.sgu.ac.id/id/eprint/778
