Abstract
A variety of data-based services such as cloud services and big data-based services have emerged. These services store data and derive the value of the data, and the reliability and integrity of the data must be ensured. Attackers have taken valuable data hostage for money in attacks called ransomware, and systems infected by ransomware, it is difficult to recover original data from files because they are encrypted and cannot be accessed without keys. To solve this problem, there are cloud services to back up data; however, encrypted files are synchronized to the cloud service, so that when victim systems are infected, which means that the original file cannot restored even from the cloud. Therefore, in this paper, we propose a method to effectively detect ransomware for cloud services by estimating entropy. As experiment results, we detected 100% of the infected files in target files. We demonstrated that our proposed ransomware detection method was very effective compared with other existing methods.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Wikipedia, Cloud computing. https://en.wikipedia.org/wiki/Cloud_computing. Accessed 5 Apr 2019
Wikipedia, Big data. https://en.wikipedia.org/wiki/Big_data. Accessed 5 Apr 2019
Gazet, A.: Comparative analysis of various ransomware virii. J. Comput. Virol. 6(1), 77–90 (2010)
Wikipedia, Ransomware. https://en.wikipedia.org/wiki/Ransomware. Accessed 5 Apr 2019
Everett, C.: Ransomware: to pay or not to pay? J. Comput. Fraud. Secur. 2016(4), 8–12 (2016)
Cabaj, K., Gregorczyk, M., Mazurczyk, W.: Software-defined networking-based crypto ransomware detection using HTTP traffic characteristics. J. Comput. Electr. Eng. 66, 353–368 (2018)
Paik, J., Choi, J., Jin, R., Wang, J., Cho, E.: A storage-level detection mechanism against crypto-ransomware. In: 25th ACM SIGSAC Conference on Computer and Communications Security, Toronto, Canada, pp. 2258–2260. ACM (2018)
Chen, J., Wang, C., Zhao, Z., Chen, K., Du, R., Ahn, G.: Uncovering the face of android ransomware: characterization and real-time detection. J. IEEE Trans. Inf. Forensics Secur. 13(5), 1286–1300 (2017)
Akbanov, M., Vassilakis, V., Logothetis, M.: Ransomware detection and mitigation using software-defined networking: the case of WannaCry. J. Comput. Electr. Eng. 76, 111–121 (2019)
Li, Z., Xiang, C., Wang, C.: Oblivious transfer via lossy encryption from lattice-based cryptography. J. Wirel. Commun. Mob. Comput. 2018(5973285), 11 (2018)
Boura, C., Canteaut, A.: On the boomerang uniformity of cryptographic Sboxes. J. IACR Trans. Symmetric Cryptol. 2018(3), 290–310 (2018)
Acknowledgement
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2018R1A4A1025632).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Lee, K., Lee, SY., Yim, K. (2019). Effective Ransomware Detection Using Entropy Estimation of Files for Cloud Services. In: Esposito, C., Hong, J., Choo, KK. (eds) Pervasive Systems, Algorithms and Networks. I-SPAN 2019. Communications in Computer and Information Science, vol 1080. Springer, Cham. https://doi.org/10.1007/978-3-030-30143-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-30143-9_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30142-2
Online ISBN: 978-3-030-30143-9
eBook Packages: Computer ScienceComputer Science (R0)