Ransomware Detection and Defense
Keywords:
Security, Privacy, Ransomware, Ransomware Detection, Cyber-Defense, Malware, Pay Break, Flash Guard
Abstract
Like other criminals, cyber-criminals use a range of illegal and unethical means to achieve their
malicious goals. Malware known as ransomware is a new threat used by cyber-criminals
to blackmail individuals and organizations, and it has been identified as a major threat to network and
computer security across the world [1]. Ransomware locks a victim’s computer by encrypting user files
and demands payment, often in cryptocurrency (e.g. Bitcoin), to restore access to the files. Research showed that
19,750 victims paid over $16 million in ransom payments in two years [2]. Because of the increasing number of
ransomware attacks, different software-level and hardware-level techniques have been proposed to detect and
mitigate ransomware attacks and to recover user files without paying a ransom. Pay Break is a proactive
software-level defense mechanism against ransomware that allows a victim to recover files without any
ransom payment. Furthermore, ransomware variants could gain kernel privileges, which would let them
shut down software-based system defenses. With this in mind, the first hardware-level defense system,
named Flash Guard, has been proposed; it is resistant to ransomware that uses kernel vulnerabilities.