An immunization scheme for ransomware

Jingping Song; Qingyu Meng; Chenke Luo; Nitin Naik; Jian Xu

doi:10.32604/CMC.2020.010592

An immunization scheme for ransomware

Jingping Song, Qingyu Meng, Chenke Luo, Nitin Naik, Jian Xu^*

^*Corresponding author for this work

College of Engineering and Physical Sciences

Research output: Contribution to journal › Article › peer-review

Abstract

In recent years, as the popularity of anonymous currencies such as Bitcoin has made the tracking of ransomware attackers more difficult, the amount of ransomware attacks against personal computers and enterprise production servers is increasing rapidly. The ransomware has a wide range of influence and spreads all over the world. It is affecting many industries including internet, education, medical care, traditional industry, etc. This paper uses the idea of virus immunity to design an immunization solution for ransomware viruses to solve the problems of traditional ransomware defense methods (such as anti-virus software, firewalls, etc.), which cannot meet the requirements of rapid detection and immediate prevention of new outbreaks attacks. Our scheme includes two parts: server and client. The server provides an immune configuration file and configuration file management functions, including a configuration file module, a cryptography algorithm module, and a display module. The client obtains the immunization configuration file from server in real time, and performs the corresponding operations according to the configuration file to make the computer have an immune function for a specific ransomware, including an update module, a configuration file module, a cryptography algorithm module, a control module, and a log module. This scheme controls mutexes, services, files and registries respectively, to destroy the triggering conditions of the virus and finally achieve the purpose of immunizing a computer from a specific ransomware.

Original language	English
Pages (from-to)	1051-1061
Number of pages	11
Journal	Computers, Materials and Continua
Volume	64
Issue number	2
DOIs	https://doi.org/10.32604/CMC.2020.010592
Publication status	Published - 10 Jun 2020

Bibliographical note

This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Funding Information:
Funding Statement: This work is supported in part by the National Natural Science Foundation of China under grant No. 61872069, in part by the Fundamental Research Funds for the Central Universities (N2017012) Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.

Keywords

Malware
Malware immunization
Ransomware

Access to Document

10.32604/CMC.2020.010592Licence: CC BY 3.0

An Immunization Scheme for Ransomware
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Final published version, 439 KBLicence: CC BY 3.0

Cite this

@article{44299e09cb2c4af6bcd2b13c148b4a2d,

title = "An immunization scheme for ransomware",

abstract = "In recent years, as the popularity of anonymous currencies such as Bitcoin has made the tracking of ransomware attackers more difficult, the amount of ransomware attacks against personal computers and enterprise production servers is increasing rapidly. The ransomware has a wide range of influence and spreads all over the world. It is affecting many industries including internet, education, medical care, traditional industry, etc. This paper uses the idea of virus immunity to design an immunization solution for ransomware viruses to solve the problems of traditional ransomware defense methods (such as anti-virus software, firewalls, etc.), which cannot meet the requirements of rapid detection and immediate prevention of new outbreaks attacks. Our scheme includes two parts: server and client. The server provides an immune configuration file and configuration file management functions, including a configuration file module, a cryptography algorithm module, and a display module. The client obtains the immunization configuration file from server in real time, and performs the corresponding operations according to the configuration file to make the computer have an immune function for a specific ransomware, including an update module, a configuration file module, a cryptography algorithm module, a control module, and a log module. This scheme controls mutexes, services, files and registries respectively, to destroy the triggering conditions of the virus and finally achieve the purpose of immunizing a computer from a specific ransomware.",

keywords = "Malware, Malware immunization, Ransomware",

author = "Jingping Song and Qingyu Meng and Chenke Luo and Nitin Naik and Jian Xu",

note = "This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Funding Information: Funding Statement: This work is supported in part by the National Natural Science Foundation of China under grant No. 61872069, in part by the Fundamental Research Funds for the Central Universities (N2017012) Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study. ",

year = "2020",

month = jun,

day = "10",

doi = "10.32604/CMC.2020.010592",

language = "English",

volume = "64",

pages = "1051--1061",

journal = "Computers, Materials and Continua",

issn = "1546-2218",

publisher = "Tech Science Press",

number = "2",

}

TY - JOUR

T1 - An immunization scheme for ransomware

AU - Song, Jingping

AU - Meng, Qingyu

AU - Luo, Chenke

AU - Naik, Nitin

AU - Xu, Jian

N1 - This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Funding Information: Funding Statement: This work is supported in part by the National Natural Science Foundation of China under grant No. 61872069, in part by the Fundamental Research Funds for the Central Universities (N2017012) Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.

PY - 2020/6/10

Y1 - 2020/6/10

N2 - In recent years, as the popularity of anonymous currencies such as Bitcoin has made the tracking of ransomware attackers more difficult, the amount of ransomware attacks against personal computers and enterprise production servers is increasing rapidly. The ransomware has a wide range of influence and spreads all over the world. It is affecting many industries including internet, education, medical care, traditional industry, etc. This paper uses the idea of virus immunity to design an immunization solution for ransomware viruses to solve the problems of traditional ransomware defense methods (such as anti-virus software, firewalls, etc.), which cannot meet the requirements of rapid detection and immediate prevention of new outbreaks attacks. Our scheme includes two parts: server and client. The server provides an immune configuration file and configuration file management functions, including a configuration file module, a cryptography algorithm module, and a display module. The client obtains the immunization configuration file from server in real time, and performs the corresponding operations according to the configuration file to make the computer have an immune function for a specific ransomware, including an update module, a configuration file module, a cryptography algorithm module, a control module, and a log module. This scheme controls mutexes, services, files and registries respectively, to destroy the triggering conditions of the virus and finally achieve the purpose of immunizing a computer from a specific ransomware.

AB - In recent years, as the popularity of anonymous currencies such as Bitcoin has made the tracking of ransomware attackers more difficult, the amount of ransomware attacks against personal computers and enterprise production servers is increasing rapidly. The ransomware has a wide range of influence and spreads all over the world. It is affecting many industries including internet, education, medical care, traditional industry, etc. This paper uses the idea of virus immunity to design an immunization solution for ransomware viruses to solve the problems of traditional ransomware defense methods (such as anti-virus software, firewalls, etc.), which cannot meet the requirements of rapid detection and immediate prevention of new outbreaks attacks. Our scheme includes two parts: server and client. The server provides an immune configuration file and configuration file management functions, including a configuration file module, a cryptography algorithm module, and a display module. The client obtains the immunization configuration file from server in real time, and performs the corresponding operations according to the configuration file to make the computer have an immune function for a specific ransomware, including an update module, a configuration file module, a cryptography algorithm module, a control module, and a log module. This scheme controls mutexes, services, files and registries respectively, to destroy the triggering conditions of the virus and finally achieve the purpose of immunizing a computer from a specific ransomware.

KW - Malware

KW - Malware immunization

KW - Ransomware

UR - http://www.scopus.com/inward/record.url?scp=85091090340&partnerID=8YFLogxK

UR - https://www.techscience.com/cmc/v64n2/39345

U2 - 10.32604/CMC.2020.010592

DO - 10.32604/CMC.2020.010592

M3 - Article

AN - SCOPUS:85091090340

SN - 1546-2218

VL - 64

SP - 1051

EP - 1061

JO - Computers, Materials and Continua

JF - Computers, Materials and Continua

IS - 2

ER -

An immunization scheme for ransomware

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this