Research Commons
      • Browse 
        • Communities & Collections
        • Titles
        • Authors
        • By Issue Date
        • Subjects
        • Types
        • Series
      • Help 
        • About
        • Collection Policy
        • OA Mandate Guidelines
        • Guidelines FAQ
        • Contact Us
      • My Account 
        • Sign In
        • Register
      View Item 
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      •   Research Commons
      • University of Waikato Research
      • Computing and Mathematical Sciences
      • Computing and Mathematical Sciences Papers
      • View Item
      JavaScript is disabled for your browser. Some features of this site may not work without it.

      ESCAPADE: Encryption-type-ransomeware: system call based pattern detection

      Chew, Christopher; Kumar, Vimal; Patros, Panos; Malik, Robi
      Thumbnail
      Files
      ESCAPADE_accepted_ver.pdf
      Accepted version, 346.4Kb
      DOI
       10.1007/978-3-030-65745-1_23
      Find in your library  
      Citation
      Export citation
      Chew, C., Kumar, V., Patros, P., & Malik, R. (2020). ESCAPADE: Encryption-type-ransomeware: system call based pattern detection. In M. Kutylowski, J. Zhang, & C. Chen (Eds.), Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570 (pp. 388–407). Virtual, Melbourne, Australia: Springer. https://doi.org/10.1007/978-3-030-65745-1_23
      Permanent Research Commons link: https://hdl.handle.net/10289/14133
      Abstract
      Encryption-type ransomware has risen in prominence lately as the go-to malware for threat actors aiming to compromise Android devices. In this paper, we present a ransomware detection technique based on behaviours observed in the system calls performed by the malware. We identify and present some common high-level system call behavioural patterns targeted at encryption-type ransomware and evaluate these patterns. We further present our repeatable and extensible methodology for extracting the system call log and patterns.
      Date
      2020
      Type
      Conference Contribution
      Publisher
      Springer
      Rights
      This is a post-peer-review, pre-copyedit version of an article published in Proceedings of 14th International Conference on Network and System Security (NSS 2020), LNCS 12570. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-030-65745-1_23. © Springer Nature Switzerland AG 2020.
      Collections
      • Computing and Mathematical Sciences Papers [1455]
      Show full item record  

      Usage

      Downloads, last 12 months
      211
       
       
       

      Usage Statistics

      For this itemFor all of Research Commons

      The University of Waikato - Te Whare Wānanga o WaikatoFeedback and RequestsCopyright and Legal Statement