@inbook{e1ba384701904da1838d9ce65e2eafec,
title = "Identifying File Interaction Patterns in Ransomware Behaviour",
abstract = "Malicious software (Malware) has a rich history of causing significant challenges for both users and system developers alike. The development of different malware types is often resulting from criminal opportunity, and the monetisation of ransomware, coupled with the continuously growing importance of user data, is resulting in ransomware becoming one of the most prominent forms of malware. Detecting and stopping ransomware from executing is challenging due to the large verity of different types, as well as the speed of new instances being developed. This results in static approaches, such as using signatures, ineffective in many instances. This chapter investigates the behavioural analysis of ransomware, and in particular focussed on its interaction with the underlying file system. This study identifies that ransomware instances have unique behavioural patterns, which are significantly different from those of normal user interaction.",
author = "Liam Grant and Simon Parkinson",
year = "2018",
month = sep,
day = "5",
doi = "10.1007/978-3-319-92624-7_14",
language = "English",
isbn = "9783319926230",
series = "Computer Communications and Networks",
publisher = "Springer, Cham",
pages = "317--335",
editor = "Simon Parkinson and Andrew Crampton and Richard Hill",
booktitle = "Guide to Vulnerability Analysis for Computer Networks and Systems",
address = "Switzerland",
edition = "1st",
}