Extortion extinction: Researchers develop a way to stop ransomware

Scaife, Traynor and colleagues Kevin Butler at UF and Henry Carter at Villanova University lay out the solution in a paper accepted for publication at the IEEE International Conference on Distributed Computing Systems and scheduled to be presented June 29 in Nara, Japan.

The results, they said, were impressive.

"We ran our detector against several hundred ransomware samples that were live," Scaife said, "and in those case it detected 100 percent of those malware samples and it did so after only a median of 10 files were encrypted."

And CryptoDrop works seamlessly with antivirus software.

"About one-tenth of 1 percent of the files were lost," Traynor said, "but the advantage is that it's flexible. We don't have to wait for that anti-virus update. If you have a new version of your ransomware, our system can detect that."

Таким образом, на данный момент программа CryptoDrop способна обнаружить 100% зловредов-вымогателей, а ее недостаток заключается в ключевом принципе ее работы: прежде чем пресечь действия такого зловреда, она должна засечь его действия, благодаря чему он успевает зашифровать несколько файлов.

Extortion extinction: Researchers develop a way to stop ransomware

Scaife, Traynor and colleagues Kevin Butler at UF and Henry Carter at Villanova University lay out the solution in a paper accepted for publication at the IEEE International Conference on Distributed Computing Systems and scheduled to be presented June 29 in Nara, Japan.

The results, they said, were impressive.

"We ran our detector against several hundred ransomware samples that were live," Scaife said, "and in those case it detected 100 percent of those malware samples and it did so after only a median of 10 files were encrypted."

And CryptoDrop works seamlessly with antivirus software.

"About one-tenth of 1 percent of the files were lost," Traynor said, "but the advantage is that it's flexible. We don't have to wait for that anti-virus update. If you have a new version of your ransomware, our system can detect that."

Таким образом, на данный момент программа CryptoDrop способна обнаружить 100% зловредов-вымогателей, а ее недостаток заключается в ключевом принципе ее работы: прежде чем заблокировать такого зловреда, она должна его обнаружить, благодаря чему он успевает зашифровать несколько файлов.