Since the appearance of ransomware in the cyber crime scene, researchers and anti-malware companies have been offering solutions to mitigate the threat. Anti-malware solutions differ on the specific strategy they implement, and all have pros and cons. However, three requirements concern them all: their implementation must be secure, be effective, and be efficient. Recently, Genç et al. proposed to stop a specific class of ransomware, the cryptographically strong one, by blocking unauthorized calls to cryptographically secure pseudo-random number generators, which are required to build strong encryption keys. Here, in adherence to the requirements, we discuss an implementation of that solution that is more secure (with components that are not vulnerable to known attacks), more effective (with less false negatives in the class of ransomware addressed) and more efficient (with minimal false positive rate and negligible overhead) than the original, bringing its security and technological readiness to a higher level.
CITATION STYLE
Genç, Z. A., Lenzini, G., & Ryan, P. Y. A. (2020). NoCry: No More Secure Encryption Keys for Cryptographic Ransomware. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11967 LNCS, pp. 69–85). Springer. https://doi.org/10.1007/978-3-030-39749-4_5
Mendeley helps you to discover research relevant for your work.