Detection of Ransomware
Buchanan, Bill; McLaren, Peter; Russell, Gordon; Tan, Zhiyuan
Authors
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Dr Peter McLaren P.McLaren2@napier.ac.uk
Associate
Dr Gordon Russell G.Russell@napier.ac.uk
Associate Professor
Dr Thomas Tan Z.Tan@napier.ac.uk
Associate Professor
Abstract
The present invention relates to a computer program product, a computing device and a method of detecting a file encrypted by ransomware by identifying a file write operation for a file on the computing device and determining if a predetermined number of bytes of the file is stored in a memory buffer on the computing device. An entropy value of the predetermined number of bytes in the memory buffer is determined and compared to a first predetermined threshold, wherein if the determined entropy value exceeds the first predetermined threshold the file associated with the file write operation is flagged as being potentially encrypted by ransomware.
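The check described in the abstract, sketched as an added example; this is not code from the patent or its authors. The abstract only says "predetermined", so the byte count and threshold below are assumed values, and `check_write` and `shannon_entropy` are hypothetical names.

```python
import hashlib
import math
from collections import Counter

# Assumed values: the abstract gives no numbers for either parameter.
HEADER_BYTES = 4096        # bytes that must be buffered before the check runs
ENTROPY_THRESHOLD = 7.5    # bits per byte; the maximum possible is 8.0


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of data in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total)
                for n in Counter(data).values())


def check_write(path, buffer, n=HEADER_BYTES, threshold=ENTROPY_THRESHOLD):
    """Evaluate one observed file write.

    Returns (verdict, entropy): 'pending' until n bytes are buffered,
    then 'flagged' if the entropy of the first n bytes exceeds the
    threshold, otherwise 'ok'.
    """
    if len(buffer) < n:
        return "pending", None
    h = shannon_entropy(bytes(buffer[:n]))
    return ("flagged" if h > threshold else "ok"), h


# Constructed samples: repeated plain text, and a deterministic hash stream
# standing in for ciphertext written by ransomware.
SAMPLE_TEXT = b"Quarterly report: revenue, costs and forecasts.\n" * 200
SAMPLE_CIPHERTEXT_LIKE = b"".join(
    hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))

if __name__ == "__main__":
    for name, buf in [("report.txt", SAMPLE_TEXT),
                      ("report.txt.locked", SAMPLE_CIPHERTEXT_LIKE),
                      ("short.tmp", b"partial write")]:
        verdict, h = check_write(name, buf)
        print(name, verdict, "n/a" if h is None else f"{h:.2f} bits/byte")
```

Compressed data also scores close to 8 bits per byte, so a flag here means "potentially encrypted", as the abstract words it, and is not a verdict on its own.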
Citation
Buchanan, B., McLaren, P., Russell, G., & Tan, Z. (2024). Detection of Ransomware. US20240152616A1
Online Publication Date | May 9, 2024 |
---|---|
Publication Date | May 9, 2024 |
Deposit Date | May 21, 2024 |
Keywords | ransomware, encryption, detection |