A three-level ransomware detection and prevention mechanism

Abstract

Ransomware encrypts victim's files or locks users out of the system. Victims will have to pay the attacker a ransom to decrypt and regain access to the user files. Petya targets individuals and companies through email attachments and download links. NotPetya has worm-like capabilities and exploits EternalBlue and EternalRomance vulnerabilities. Protection methods include vaccination, applying patches, et cetera. Challenges faced to combat ransomware include social engineering, outdated infrastructures, technological advancements, backup issues, and conflicts of standards. Three- Level Security (3LS) is a solution to ransomware that utilizes virtual machines along with browser extensions to perform a scan, on any files that the user wishes to download from the Internet. The downloaded files would be sent over a cloud server relay to a virtual machine by a browser extension. Any changes to the virtual machine after downloading the file would be observed, and if there were a malfunction in the virtual machine, the file would not be retrieved to the user's system.