Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Detection of Ransomware
Buchanan, Bill; McLaren, Peter; Russell, Gordon; Tan, Zhiyuan
Authors
Dr Peter McLaren P.McLaren2@napier.ac.uk
Associate
Dr Gordon Russell G.Russell@napier.ac.uk
Associate Professor
Dr Thomas Tan Z.Tan@napier.ac.uk
Associate Professor
Abstract
The present invention relates to a computer program product, a computing device and a method of detecting a file encrypted by ransomware by identifying a file write operation for a file on the computing device and determining if a predetermined number of bytes of the file is stored in a memory buffer on the computing device. An entropy value of the predetermined number of bytes in the memory buffer is determined and compared to a first predetermined threshold, wherein if the determined entropy value exceeds the first predetermined threshold the file associated with the file write operation is flagged as being potentially encrypted by ransomware.
Citation
Buchanan, B., McLaren, P., Russell, G., & Tan, Z. (2024). Detection of Ransomware. US20240152616A1
| Online Publication Date | May 9, 2024 |
|---|---|
| Publication Date | May 9, 2024 |
| Deposit Date | May 21, 2024 |
| Keywords | ransomware, encryption, detection |
| Public URL | http://researchrepository.napier.ac.uk/Output/3646765 |
You might also like
Securing IoT: Mitigating Sybil Flood Attacks with Bloom Filters and Hash Chains
(2024)
Journal Article
An omnidirectional approach to touch-based continuous authentication
(2023)
Journal Article
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search