Thumbnail Image
Publication

ESCAPADE: Encryption-type-ransomeware: system call based pattern detection

Abstract
Encryption-type ransomware has risen in prominence lately as the go-to malware for threat actors aiming to compromise Android devices. In this paper, we present a ransomware detection technique based on behaviours observed in the system calls performed by the malware. We identify and present some common high-level system call behavioural patterns targeted at encryption-type ransomware and evaluate these patterns. We further present our repeatable and extensible methodology for extracting the system call log and patterns.
Type
Conference Contribution
Type of thesis
Series
Citation
Chew, C., Kumar, V., Patros, P., & Malik, R. (2020). ESCAPADE: Encryption-type-ransomeware: system call based pattern detection. In M. Kutylowski, J. Zhang, & C. Chen (Eds.), Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570 (pp. 388–407). Virtual, Melbourne, Australia: Springer. https://doi.org/10.1007/978-3-030-65745-1_23
Date
2020
Publisher
Springer
Degree
Supervisors
Rights
This is a post-peer-review, pre-copyedit version of an article published in Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-030-65745-1_23. © Springer Nature Switzerland AG 2020.
Files
Thumbnail Image
Accepted version
Adobe PDF346.46 KB
Permanent link
https://hdl.handle.net/10289/14133
DOI
10.1007/978-3-030-65745-1_23
Publisher version
Collections
Computing and Mathematical Sciences Papers
Show all metadata