
TL;DR
This paper analyzes crypto-ransomware by modeling it as four subsystems and demonstrates that disrupting the obfuscated command channel can proactively and effectively neutralize ransomware threats.
Contribution
It introduces a novel approach focusing on disrupting the obfuscated command channel to combat crypto-ransomware proactively.
Findings
Disrupting the obfuscated command channel (OCC) can neutralize ransomware effectively.
Most counter-measures target the Agent or the Command and Control Service (CNC), and do so reactively.
Proactive disruption reduces risk compared to reactive methods.
Abstract
This research seeks to expose a major weakness in crypto-ransomware by modeling it as four integral sub-systems: an Agent, a Command and Control Service (CNC), an anonymous payment channel (APC) and an obfuscated command channel (OCC). We will show that most modern counter-measures focus on either the Agent or the CNC subsystem, usually in a reactive way that exposes the target to undue risk. However, by disrupting the fourth component, the Obfuscated Command Channel, we can proactively and safely defeat a wide variety of crypto-ransomware.
Taxonomy
Topics: Advanced Malware Detection Techniques · Network Security and Intrusion Detection · Spam and Phishing Detection
