ORCID Profile
0000-0002-9969-7682
Current Organisation
Murdoch University
Does something not look right? The information on this page has been harvested from data sources that may not be up to date. We continue to work with information providers to improve coverage and quality. To report an issue, use the Feedback Form.
Publisher: Springer Science and Business Media LLC
Date: 30-06-2013
DOI: 10.5081/JGPS.12.1.38
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 2020
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 04-2023
Publisher: IEEE
Date: 07-2018
Publisher: Institution of Engineering and Technology (IET)
Date: 06-2014
Publisher: MDPI AG
Date: 06-10-2023
Publisher: Springer Science and Business Media LLC
Date: 03-01-2019
Publisher: IEEE
Date: 09-2013
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 07-01-2022
DOI: 10.36227/TECHRXIV.17789735.V1
Abstract: Unwanted data encryption, such as ransomware attacks, continues to be a significant cybersecurity threat. Ransomware is a preferred weapon of cybercriminals who target small to large organizations' computer systems and data centres. It is malicious software that infects a victim's computer system and encrypts all its valuable data files. The victim needs to pay a ransom, often in cryptocurrency, in return for a decryption key. Many solutions use methods, including the inspection of file signatures, runtime process behaviors, API calls, and network traffic, to detect ransomware code. However, unwanted data encryption is still a top threat. This paper presents the first immunity solution, called the digital immunity module (DIM). DIM focuses on protecting valuable business-related data files from unwanted encryption rather than detecting malicious codes or processes. We show that methods such as file entropy and fuzzy hashing can be effectively used to sense unwanted encryption on a protected file, triggering our novel source coding method to paralyze the malicious manipulation of data such as ransomware encryption. Specifically, maliciously encrypted data blocks consume exponentially larger space and longer writing time on the DIM-protected file system. As a result, DIM creates enough time for system/human intervention and forensics analysis. Unlike the existing solutions, DIM protects the data regardless of ransomware families and variants. Additionally, DIM can defend against simultaneously active multiple ransomware, including the most recent hard to detect and stop fileless ones. We tested our solution on 39 ransomware families, including the most recent ransomware attacks. DIM successfully defended our s le file dataset (1335 pdf, jpg, and tiff files) against those ransomware attacks with zero file loss.
Publisher: Springer International Publishing
Date: 2017
Publisher: Springer International Publishing
Date: 2022
Publisher: Springer International Publishing
Date: 2021
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 07-01-2022
DOI: 10.36227/TECHRXIV.17789735
Abstract: Unwanted data encryption, such as ransomware attacks, continues to be a significant cybersecurity threat. Ransomware is a preferred weapon of cybercriminals who target small to large organizations' computer systems and data centres. It is malicious software that infects a victim's computer system and encrypts all its valuable data files. The victim needs to pay a ransom, often in cryptocurrency, in return for a decryption key. Many solutions use methods, including the inspection of file signatures, runtime process behaviors, API calls, and network traffic, to detect ransomware code. However, unwanted data encryption is still a top threat. This paper presents the first immunity solution, called the digital immunity module (DIM). DIM focuses on protecting valuable business-related data files from unwanted encryption rather than detecting malicious codes or processes. We show that methods such as file entropy and fuzzy hashing can be effectively used to sense unwanted encryption on a protected file, triggering our novel source coding method to paralyze the malicious manipulation of data such as ransomware encryption. Specifically, maliciously encrypted data blocks consume exponentially larger space and longer writing time on the DIM-protected file system. As a result, DIM creates enough time for system/human intervention and forensics analysis. Unlike the existing solutions, DIM protects the data regardless of ransomware families and variants. Additionally, DIM can defend against simultaneously active multiple ransomware, including the most recent hard to detect and stop fileless ones. We tested our solution on 39 ransomware families, including the most recent ransomware attacks. DIM successfully defended our s le file dataset (1335 pdf, jpg, and tiff files) against those ransomware attacks with zero file loss.
Publisher: CRC Press
Date: 25-02-2022
Publisher: Institution of Engineering and Technology (IET)
Date: 31-12-2021
DOI: 10.1049/ITR2.12015
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 03-2019
Publisher: IEEE
Date: 12-2014
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date: 2015
No related grants have been discovered for Keyvan Ansari.