文章基本信息

标题：DISCOVERING RANSOMWAREBEHAVIOR BY HOST-BASED APPROACH
本地全文：下载
作者：MUHAMMAD SAFWAN ROSLI ; RAIHANA SYAHIRAH ABDULLAH ; WARUSIA YASSIN 等
期刊名称：Journal of Theoretical and Applied Information Technology
印刷版ISSN：1992-8645
电子版ISSN：1817-3195
出版年度：2019
卷号：97
期号：14
页码：3848-3858
出版社：Journal of Theoretical and Applied
摘要：Numerous researchers have discovered multiple types of ransomware that has been rampaging in cybersecurity which is the main concern for business companies where most of their data has been digitalized. However, the main problem in detecting this type of malware, where it is known as sophisticated behavior is quite challenging since it capable to do encryption in file activity system and hide its malicious activity in computer host. Nevertheless, previous researcher also has done major contribution in discovering its pattern and behavior of ransomware and provide numerous solutions in detecting this malware. This paper will be focusing on ransomware behavior during normal file activity system by using host-based approach experiment. The design of the experiment and dataset collection are one of the main important in this experiment for analyzing the ransomware behavior using available tools and software. Then, the behavior of the ransomware will be saved as log file for in-depth analysis. Finally, the results from the experiment will be tabulated and discussed further before the conclusion of the experiment.
关键词：Ransomware; Behavior Analysis; File Activity System; Process Explorer; Process Monitor