Abstract
A crypto ransomware usually encrypts files of victims using block cipher encryption. Afterward, the ransomware requests a ransom for encrypted files to victims. In this paper, we present a novel defense against crypto ransomware by detecting block cipher encryption for low-end Internet of Things (IoT) environment. The proposed method analyzes the binary code of low-end microcontrollers in the base-station (i.e. server) and it is classified in either ransomware virus or benign software. Block cipher implementations from Lightweight block cipher library (i.e. FELICS) and general software from AVR packages were trained and evaluated through the deep learning network. The proposed method successful classifies the general software and potential ransomware virus by identifying the cryptography function call, which is evaluated in terms of recall rate, precision rate and F-measure.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
