Ransomware prevention using application authentication-based file access control

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

6 Scopus citations

Abstract

Ransomware emerged in recent years as one of the most significant cyber threats facing both individuals and organizations, inflicting global damage costs that are estimated upwards of $1 billion in 2016 alone [23]. The increase in the scale and impact of recent ransomware attacks highlights the need of finding effective countermeasures. We present AntiBotics - a novel system for application authentication-based file access control. AntiBotics enforces a file access-control policy by presenting periodic identification/ authorization challenges. We implemented AntiBotics for Windows. Our experimental evaluation shows that contemporary ransomware programs are unable to encrypt any of the files protected by AntiBotics and that the daily rate of challenges it presents to users is very low. We discuss possible ways in which future ransomware may attempt to attack AntiBotics and explain how these attacks can be thwarted.

Original languageEnglish
Title of host publicationProceedings of the 33rd Annual ACM Symposium on Applied Computing, SAC 2018
PublisherAssociation for Computing Machinery
Pages1610-1619
Number of pages10
ISBN (Electronic)9781450351911
DOIs
StatePublished - 9 Apr 2018
Event33rd Annual ACM Symposium on Applied Computing, SAC 2018 - Pau, France
Duration: 9 Apr 201813 Apr 2018

Publication series

NameProceedings of the ACM Symposium on Applied Computing

Conference

Conference33rd Annual ACM Symposium on Applied Computing, SAC 2018
Country/TerritoryFrance
CityPau
Period9/04/1813/04/18

Keywords

  • Access control
  • Antibotics
  • Authorization
  • Biometrics
  • Ransomware

Fingerprint

Dive into the research topics of 'Ransomware prevention using application authentication-based file access control'. Together they form a unique fingerprint.

Cite this