Why your antivirus software can t stop ransomware?

 
Related

More people get divorced in March and August

Everything
438 points

Interscatter contact lenses talk to phone via Wi-Fi

Everything
864 points



Most recent

La lucha por un tránsito justo: una reflexión sobre el panorama en San Juan del César la Guajira

Luis Horgelys Brito Ariza
134 points

Magola López: Una Mujer Admirable

Carlos Eduardo Lagos Campos
122 points

China tiene un arma natural tan poderosa que es capaz de ralentizar la Tierra

NOTICIAS de ETF
8 points

Xarelto 20 Mg (Anticoagulante): ¿Cómo tomarlo?

Charlas con la IA
14 points

Nariño, Puente Histórico y Cultural de América

Carlos Eduardo Lagos Campos
18 points

Pure Storage anunció mejoras significativas de su plataforma Portworx

Patricia Amaya Comunicaciones
22 points

Violaciones a los Derechos Humanos y la Democracia en Venezuela

Carlos Eduardo Lagos Campos
14 points

Thanksgiving Day: Propuestas para la celebrar esta fecha en Bogotá

Viajes y turismo
32 points

La implementación del tránsito en San Juan del Cesar: ¿progreso o decisión oscura?

Luis Horgelys Brito Ariza
248 points

¿Cuál es la esperanza de vida de un enfermo que sufre la FSHD? (Distrofia Facioescapulohumeral)

Charlas con la IA
12 points
SHARE
TWEET
(Futurity.org) If your computer is infected with ransomware, your antivirus software probably won’t detect it until it’s too late.

Why your antivirus software can   t stop ransomware?

Hackers use the malware to encrypt your computer files and demand money in exchange for freeing those contents. The attacks are on the rise.

In May the FBI issued a warning that the number of attacks has doubled in the past year and is expected to grow even more rapidly this year.

Attacks most often show up in the form of an email that appears to be from someone familiar. The recipient clicks on a link in the email and unknowingly unleashes malware that encrypts his or her data. The next thing to appear is a message demanding the ransom, typically anywhere from a few hundred to a few thousand dollars. Often the ransoms are paid in Bitcoin, a digital currency that defies tracing.

“These attacks are tailored and unique every time they get installed on someone’s system,” says Nolen Scaife, a University of Florida doctoral student. “Antivirus is really good at stopping things it’s seen before … That’s where our solution is better than traditional anti-viruses.”

Scaife is part of the team that has come up with the ransomware solution, which it calls CryptoDrop. It doesn’t keep ransomware out, but rather confronts it once it’s there. CryptoDrop actually lets the malware lock up a few files before clamping down on it.

“If something that’s benign starts to behave maliciously, then what we can do is take action against that based on what we see is happening to your data. So we can stop, for example, all of your pictures form being encrypted,” says Scaife.

“Our system is more of an early-warning system. It doesn’t prevent the ransomware from starting … it prevents the ransomware from completing its task … so you lose only a couple of pictures or a couple of documents rather than everything that’s on your hard drive, and it relieves you of the burden of having to pay the ransom,” adds Scaife.

“We ran our detector against several hundred ransomware samples that were live,” Scaife says, “and in those case it detected 100 percent of those malware samples and it did so after only a median of 10 files were encrypted.”

And CryptoDrop works seamlessly with antivirus software.

“About one-tenth of 1 percent of the files were lost,” says Patrick Traynor, an associate professor in computer and information science and engineering, “but the advantage is that it’s flexible. We don’t have to wait for that anti-virus update. If you have a new version of your ransomware, our system can detect that.”

The team currently has a functioning prototype that works with Windows-based systems and is seeking a partner to commercialize it and make it available publicly. They recently presented their results at the IEEE International Conference on Distributed Computing Systems in Japan.

Fuente: www.futurity.org
SHARE
TWEET
To comment you must log in with your account or sign up!
Featured content