
Not on my watch: ransomware detection through classification of high-entropy file segments

  • Identifying data

    Identifier:  imarina:9452218
    Authors:  Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos
    Abstract:
    The double-edged sword of continuous digitization of services and systems opens the door to a myriad of beneficial opportunities, as well as challenging threats. Currently, ransomware is catalogued as the first threat in cybersecurity due to its impact on organizations, critical infrastructure, industry, and society as a whole. Thus, devoting efforts toward developing methodologies to effectively prevent and mitigate ransomware is crucial. In this article, we present an accurate method to identify encrypted bit streams by differentiating them from other high-entropy streams (e.g. compressed files), which is a critical task to detect potentially malicious file write events on the file system in current operating systems. After extensive evaluation, our findings demonstrate that the proposed solution outperforms the current state of the art in both adaptability and accuracy, enabling it to be integrated into current Endpoint Detection and Response systems.
  • Other:

    Link to the original source: https://academic.oup.com/cybersecurity/article/11/1/tyaf009/8109429
    Item reference according to APA style: Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos (2025). Not on my watch: ransomware detection through classification of high-entropy file segments. Journal Of Cybersecurity, 11(1), tyaf009-. DOI: 10.1093/cybsec/tyaf009
    Article reference according to the original source: Journal Of Cybersecurity. 11 (1): tyaf009-
    Article DOI: 10.1093/cybsec/tyaf009
    Journal publication year: 2025
    Entity: Universitat Rovira i Virgili
    Deposited article version: info:eu-repo/semantics/publishedVersion
    Record creation date: 2025-04-30
    URV author(s): Casino Cembellín, Francisco José
    Department: Enginyeria Informàtica i Matemàtiques
    License document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Publication type: Journal Publications
    Author according to the article: Casino, Fran; Hurley-Smith, Darren; Hernandez-Castro, Julio; Patsakis, Constantinos
    Link to the usage license: https://creativecommons.org/licenses/by/3.0/es/
    Subject areas: Computer networks and communications, Computer science (miscellaneous), Computer science applications, Hardware, Hardware and architecture, Information systems, Law, Political science and international relations, Safety research, Safety, risk, reliability and quality, Social psychology, Social sciences, interdisciplinary, Software
    Author's e-mail address: franciscojose.casino@urv.cat
  • Keywords:

    Encryption
    Endpoint detection and response systems
    High-entropy sources
    Randomness
    Ransomware
    Computer Networks and Communications
    Computer Science (Miscellaneous)
    Computer Science Applications
    Hardware
    Hardware and Architecture
    Information Systems
    Law
    Political Science and International Relations
    Safety Research
    Safety
    Risk
    Reliability and Quality
    Social Psychology
    Social Sciences
    Interdisciplinary
    Software