Malicious software (Malware) has a rich history of causing significant challenges for both users and system developers alike. The development of different malware types is often resulting from criminal opportunity, and the monetisation of ransomware, coupled with the continuously growing importance of user data, is resulting in ransomware becoming one of the most prominent forms of malware. Detecting and stopping ransomware from executing is challenging due to the large verity of different types, as well as the speed of new instances being developed. This results in static approaches, such as using signatures, ineffective in many instances. This chapter investigates the behavioural analysis of ransomware, and in particular focussed on its interaction with the underlying file system. This study identifies that ransomware instances have unique behavioural patterns, which are significantly different from those of normal user interaction.
|Title of host publication||Guide to Vulnerability Analysis for Computer Networks and Systems|
|Subtitle of host publication||An Artificial Intelligence Approach|
|Editors||Simon Parkinson, Andrew Crampton, Richard Hill|
|Place of Publication||Cham|
|Number of pages||19|
|Publication status||Published - 5 Sep 2018|
|Name||Computer Communications and Networks|