Reference : No Random, No Ransom: A Key to Stop Cryptographic Ransomware
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/35679
No Random, No Ransom: A Key to Stop Cryptographic Ransomware
English
Genç, Ziya Alper mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Lenzini, Gabriele mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Ryan, Peter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
2018
Proceedings of the 15th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2018)
Giuffrida, Cristiano
Bardin, Sébastien
Blanc, Gregory
Springer International Publishing
234-255
Yes
No
International
978-3-319-93410-5
15th Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
from 28-06-2018 to 29-06-2018
Security-Intrusion Detection and Response (SIDAR)
Paris
France
[en] ransomware ; cryptographic malware ; randomness ; mitigation
[en] To be effective, ransomware has to implement strong encryption, and strong encryption in turn requires a good source of random numbers. Without access to true randomness, ransomware relies on the pseudo random number generators that modern Operating Systems make available to applications. With this insight, we propose a strategy to mitigate ransomware attacks that considers pseudo random number generator functions as critical resources, controls accesses on their APIs and stops unauthorized applications that call them. Our strategy, tested against
524 active real-world ransomware samples, stops 94% of them, including WannaCry, Locky, CryptoLocker and CryptoWall. Remarkably, it also nullifies NotPetya, the latest offspring of the family which so far has eluded all defenses.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Researchers ; Professionals ; Students ; General public ; Others
http://hdl.handle.net/10993/35679
10.1007/978-3-319-93411-2_11
https://www.springerprofessional.de/en/no-random-no-ransom-a-key-to-stop-cryptographic-ransomware/15862780

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
dimva2018_GLR.pdfAuthor postprint447.56 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.