ESCAPADE: Encryption-type-ransomeware: system call based pattern detection
| dc.contributor.author | Chew, Christopher J.W. | en_NZ |
| dc.contributor.author | Kumar, Vimal | en_NZ |
| dc.contributor.author | Patros, Panos | en_NZ |
| dc.contributor.author | Malik, Robi | en_NZ |
| dc.contributor.editor | Kutylowski, M. | en_NZ |
| dc.contributor.editor | Zhang, J. | en_NZ |
| dc.contributor.editor | Chen, C. | en_NZ |
| dc.coverage.spatial | Virtual, Melbourne, Australia | en_NZ |
| dc.date.accessioned | 2021-02-26T03:00:35Z | |
| dc.date.available | 2021-02-26T03:00:35Z | |
| dc.date.issued | 2020 | en_NZ |
| dc.description.abstract | Encryption-type ransomware has risen in prominence lately as the go-to malware for threat actors aiming to compromise Android devices. In this paper, we present a ransomware detection technique based on behaviours observed in the system calls performed by the malware. We identify and present some common high-level system call behavioural patterns targeted at encryption-type ransomware and evaluate these patterns. We further present our repeatable and extensible methodology for extracting the system call log and patterns. | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.citation | Chew, C., Kumar, V., Patros, P., & Malik, R. (2020). ESCAPADE: Encryption-type-ransomeware: system call based pattern detection. In M. Kutylowski, J. Zhang, & C. Chen (Eds.), Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570 (pp. 388–407). Virtual, Melbourne, Australia: Springer. https://doi.org/10.1007/978-3-030-65745-1_23 | en |
| dc.identifier.doi | 10.1007/978-3-030-65745-1_23 | en_NZ |
| dc.identifier.uri | https://hdl.handle.net/10289/14133 | |
| dc.language.iso | en | |
| dc.publisher | Springer | |
| dc.relation.isPartOf | Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570 | en_NZ |
| dc.rights | This is a post-peer-review, pre-copyedit version of an article published in Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-030-65745-1_23. © Springer Nature Switzerland AG 2020. | |
| dc.source | NSS 2020 | en_NZ |
| dc.title | ESCAPADE: Encryption-type-ransomeware: system call based pattern detection | en_NZ |
| dc.type | Conference Contribution | |
| dspace.entity.type | Publication | |
| pubs.begin-page | 388 | |
| pubs.end-page | 407 | |
| pubs.finish-date | 2020-11-27 | en_NZ |
| pubs.publication-status | Published | en_NZ |
| pubs.start-date | 2020-11-25 | en_NZ |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- ESCAPADE_accepted_ver.pdf
- Size:
- 346.46 KB
- Format:
- Adobe Portable Document Format
- Description:
- Accepted version
License bundle
1 - 1 of 1
Loading...
- Name:
- Research Commons Deposit Agreement 2017.pdf
- Size:
- 188.11 KB
- Format:
- Adobe Portable Document Format
- Description: