Abstract
Ransomware is a challenging threat that encrypts a user's files until some ransom is paid by the victim. This type of malware is a profitable business for attackers, generating millions of dollars annually. Several approaches based on signature matching have been proposed to detect ransomware intrusions but they fail to detect ransomware whose signature is unknown. We try to detect ransomware's behaviour with the help of a mini-filter driver using a signature-less detection method. The proposed technique combines the working of Shannon’s entropy and fuzzy hash to provide better results in detecting ransomware. Not only this technique has been practically tested but has been successful in detecting over 95% of the tested ransomware attacks on windows operating systems.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Journal of Computer Virology and Hacking Techniques
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
