The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform

The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform

Due to recent indiscriminate attacks of ransomware, damage cases including encryption of users’ important files are constantly increasing. The existing vaccine systems are vulnerable to attacks of new pattern ransomware because they can only detect the ransomware of existing patterns. More effective...

Full description

Bibliographic Details
Main Authors: Sanggeun Song, Bongjoon Kim, Sangjun Lee
Format: Article
Language:English
Published: Hindawi Limited 2016-01-01
Series:Mobile Information Systems
Online Access:http://dx.doi.org/10.1155/2016/2946735
id doaj-4dd2d4bb6275467f895abb5ec70f30e3
record_format Article
spelling doaj-4dd2d4bb6275467f895abb5ec70f30e32021-07-02T08:46:58ZengHindawi LimitedMobile Information Systems1574-017X1875-905X2016-01-01201610.1155/2016/29467352946735The Effective Ransomware Prevention Technique Using Process Monitoring on Android PlatformSanggeun Song0Bongjoon Kim1Sangjun Lee2School of Computing, Soongsil University, Sangdo-ro, Dongjak-gu, Seoul 06978, Republic of KoreaSchool of Computing, Soongsil University, Sangdo-ro, Dongjak-gu, Seoul 06978, Republic of KoreaSchool of Computing, Soongsil University, Sangdo-ro, Dongjak-gu, Seoul 06978, Republic of KoreaDue to recent indiscriminate attacks of ransomware, damage cases including encryption of users’ important files are constantly increasing. The existing vaccine systems are vulnerable to attacks of new pattern ransomware because they can only detect the ransomware of existing patterns. More effective technique is required to prevent modified ransomware. In this paper, an effective method is proposed to prevent the attacks of modified ransomware on Android platform. The proposed technique specifies and intensively monitors processes and specific file directories using statistical methods based on Processor usage, Memory usage, and I/O rates so that the process with abnormal behaviors can be detected. If the process running a suspicious ransomware is detected, the proposed system will stop the process and take steps to confirm the deletion of programs associated with the process from users. The information of suspected and exceptional processes confirmed by users is stored in a database. The proposed technique can detect ransomware even if you do not save its patterns. Its speed of detection is very fast because it can be implemented in Android source code instead of mobile application. In addition, it can effectively determine modified patterns of ransomware and provide protection with minimum damage.http://dx.doi.org/10.1155/2016/2946735
collection DOAJ
language English
format Article
sources DOAJ
author Sanggeun Song
Bongjoon Kim
Sangjun Lee
spellingShingle Sanggeun Song
Bongjoon Kim
Sangjun Lee
The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
Mobile Information Systems
author_facet Sanggeun Song
Bongjoon Kim
Sangjun Lee
author_sort Sanggeun Song
title The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
title_short The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
title_full The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
title_fullStr The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
title_full_unstemmed The Effective Ransomware Prevention Technique Using Process Monitoring on Android Platform
title_sort effective ransomware prevention technique using process monitoring on android platform
publisher Hindawi Limited
series Mobile Information Systems
issn 1574-017X
1875-905X
publishDate 2016-01-01
description Due to recent indiscriminate attacks of ransomware, damage cases including encryption of users’ important files are constantly increasing. The existing vaccine systems are vulnerable to attacks of new pattern ransomware because they can only detect the ransomware of existing patterns. More effective technique is required to prevent modified ransomware. In this paper, an effective method is proposed to prevent the attacks of modified ransomware on Android platform. The proposed technique specifies and intensively monitors processes and specific file directories using statistical methods based on Processor usage, Memory usage, and I/O rates so that the process with abnormal behaviors can be detected. If the process running a suspicious ransomware is detected, the proposed system will stop the process and take steps to confirm the deletion of programs associated with the process from users. The information of suspected and exceptional processes confirmed by users is stored in a database. The proposed technique can detect ransomware even if you do not save its patterns. Its speed of detection is very fast because it can be implemented in Android source code instead of mobile application. In addition, it can effectively determine modified patterns of ransomware and provide protection with minimum damage.
url http://dx.doi.org/10.1155/2016/2946735
work_keys_str_mv AT sanggeunsong theeffectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
AT bongjoonkim theeffectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
AT sangjunlee theeffectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
AT sanggeunsong effectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
AT bongjoonkim effectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
AT sangjunlee effectiveransomwarepreventiontechniqueusingprocessmonitoringonandroidplatform
_version_ 1721334145742798848

Similar Items