Not on my watch: ransomware detection through classification of high-entropy file segments

  • Identifying data

    Identifier:  imarina:9452218
    Authors:  Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos
    Abstract:
    The double-edged sword of continuous digitization of services and systems opens the door to a myriad of beneficial opportunities, as well as challenging threats. Currently, ransomware is catalogued as the first threat in cybersecurity due to its impact on organizations, critical infrastructure, industry, and society as a whole. Thus, devoting efforts toward developing methodologies to effectively prevent and mitigate ransomware is crucial. In this article, we present an accurate method to identify encrypted bit streams by differentiating them from other high-entropy streams (e.g. compressed files), which is a critical task to detect potentially malicious file write events on the file system in current operating systems. After extensive evaluation, our findings demonstrate that the proposed solution outperforms the current state of the art in both adaptability and accuracy, enabling it to be integrated into current Endpoint Detection and Response systems.
  • Other:

    Original source link: https://academic.oup.com/cybersecurity/article/11/1/tyaf009/8109429
    Item reference according to APA style: Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos (2025). Not on my watch: ransomware detection through classification of high-entropy file segments. Journal Of Cybersecurity, 11(1), tyaf009-. DOI: 10.1093/cybsec/tyaf009
    Article reference according to the original source: Journal Of Cybersecurity. 11 (1): tyaf009-
    Article DOI: 10.1093/cybsec/tyaf009
    Journal publication year: 2025
    Entity: Universitat Rovira i Virgili
    Version of the deposited article: info:eu-repo/semantics/publishedVersion
    Record creation date: 2025-04-30
    URV author(s): Casino Cembellín, Francisco José
    Department: Enginyeria Informàtica i Matemàtiques
    License document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Publication type: Journal Publications
    Author according to the article: Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos
    Access to the use license: https://creativecommons.org/licenses/by/3.0/es/
    Subject areas: Computer networks and communications, Computer science (miscellaneous), Computer science applications, Hardware, Hardware and architecture, Information systems, Law, Political science and international relations, Safety research, Safety, risk, reliability and quality, Social psychology, Social sciences, interdisciplinary, Software
    Author's e-mail address: franciscojose.casino@urv.cat
  • Keywords:

    Encryption
    Endpoint detection and response systems
    High-entropy sources
    Randomness
    Ransomware
    Computer Networks and Communications
    Computer Science (Miscellaneous)
    Computer Science Applications
    Hardware
    Hardware and Architecture
    Information Systems
    Law
    Political Science and International Relations
    Safety Research
    Safety
    Risk
    Reliability and Quality
    Social Psychology
    Social Sciences
    Interdisciplinary
    Software