Anti-ransomware method based on active deception

CHEN Kai; MA Duohe; TANG Zhimin; DAI Jun

Tongxin xuebao (Jul 2024)

Anti-ransomware method based on active deception

CHEN Kai,
MA Duohe,
TANG Zhimin,
DAI Jun

Affiliations

CHEN Kai
MA Duohe
TANG Zhimin
DAI Jun

Journal volume & issue: Vol. 45
pp. 148 – 158

Abstract

Read online

Considering the serious threat that ransomware poses to data security and the increasing intelligence and complexity of its attack methods, an anti-ransomware method based on active deception was proposed to address the limitations of traditional defense methods. By combining static heuristic algorithms and dynamic heuristic algorithms to dynamically deploy deceptive files, a dynamic file security model based on active deception was established. Different strategies were employed to generate dynamic deceptive files for ransomware of different risk levels, confusing ransomware by simulating the characteristics of real data, making it unable to distinguish between real and deceptive data, thus protecting users’ real data from encryption or destruction. Experimental results show that the proposed method effectively increases the dynamism, diversity, and deceptiveness of files, significantly expanding the shifting space of data attack surfaces and effectively defending against ransomware attacks.

active deception;anti-ransomware;data attack surface;data deception

Published in Tongxin xuebao

ISSN: 1000-436X (Print)
Publisher: Editorial Department of Journal on Communications
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/txxb/EN/1000-436X/home.shtml

About the journal

Abstract

Keywords