redemption real time protection against ransomware at end
play

Redemption: Real-Time Protection Against Ransomware at End-Hosts - PowerPoint PPT Presentation

Oct 20, 2023 •368 likes •718 views

Redemption: Real-Time Protection Against Ransomware at End-Hosts WRITTEN BY: PRESENTED BY: AMIN KHARRAZ NICHOLAS BURTON ENGIN KIRDA What is Ransomware? What is Ransomware? u Ransomware is malicious software that encrypts user data, and

  1. Redemption: Real-Time Protection Against Ransomware at End-Hosts WRITTEN BY: PRESENTED BY: AMIN KHARRAZ NICHOLAS BURTON ENGIN KIRDA

  2. What is Ransomware?

  3. What is Ransomware? u Ransomware is malicious software that encrypts user data, and demands a ransom is paid to unlock it.

  4. Well that sucks, how do I get my data back?

  5. Data Retrieval u The easiest solution: keep a backup of your files.

  6. Data Retrieval u The easiest solution: keep a backup of your files. u If and when you system is compromised by ransomware, you can use the backup to get back your files.

  7. I don’t have a backup … .

  8. I don’t have a backup … . and I NEED those files!

  9. This is really bad, can I prevent this?

  10. Prevention u CryptoDrop

  11. Prevention u CryptoDrop u SheildFS

  12. Prevention u CryptoDrop u SheildFS u PayBreak

  13. None of those work very well, what now?

  14. Redemption, Real-Time Protection

  15. Redemption Design Overview Two Components of Redemption u A characterization of ransomware behavior based on a large class of current ransomware. u High performance and integrity mechanism to restore attacked files.

  16. Redemption Design Overview

  17. How to determine Malice Score?

  18. Malice Score Two Components of Malice Score Calculation u Content-based features u Behavior-based features

  19. Content-Based Features u Entropy Ratio of Data Blocks (Shannon Entropy)

  20. Content-Based Features u Entropy Ratio of Data Blocks (Shannon Entropy) u File Content Overwrite

  21. Content-Based Features u Entropy Ratio of Data Blocks (Shannon Entropy) u File Content Overwrite u Delete Operations

  22. Behavior-based Features u Directory Traversal

  23. Behavior-based Features u Directory Traversal u Converting Files to a Specific Type

  24. Behavior-based Features u Directory Traversal u Converting Files to a Specific Type u Access Frequency

  25. Why two components of malice score calculation?

  26. Why two components of malice score calculation?

  27. Acceptable Malice Score

  28. Testing Against Other Anti-Ransomware Applications

  29. Overhead

  30. Getting around Redemption

  31. Social Engineering u Aggravating a user to the point were they turn off Redemption .

  32. Attacking the Malice Score Calculation u Selective content Overwrite u Low entropy payload u Periodic file destruction

  33. Questions?

Recommend

Real-time Protection Against Ransomware at End-Hosts Written By Amin Kharraz and Engin Kirda

Real-time Protection Against Ransomware at End-Hosts Written By Amin Kharraz and Engin Kirda

Redemption: Real-time Protection Against Ransomware at End-Hosts Written By Amin Kharraz and Engin Kirda RAJSHAKHAR PAUL Outlines Introduction Existing works Contribution Threat Model Design Overview Evaluation

527 views • 48 slides
On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele

On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele

On Deception-Based Protection Against Cryptographic Ransomware Ziya Alper Gen, Gabriele Lenzini, and Daniele Sgandurra June 20, 2019 Ransomware Threat 1 Ransomware Threat 1 Deception-Based Anti-Ransomware In the context of ransomware,

507 views • 22 slides
1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad

1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad

Geoff Hale 1 February 4, 2020 Ransomware works Who: Ransomware is a threat vector that is rife for bad actors, both criminal enterprises and nation-states have made use of ransomware. What: Ransomware is a type of malware that encrypts

358 views • 6 slides
Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more

Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more

X by Invincea Responding To Ransomware Ransomware Nightmares X by Invincea Ransomware is getting more sophisticated, and shifting to an enterprise threat Ransomware Nightmares X by Invincea To Pay Or Not To Pay? X by Invincea Your money or

780 views • 23 slides
It Is Finished God has accomplished redemption by Christ and applies redemption in Christ to

It Is Finished God has accomplished redemption by Christ and applies redemption in Christ to

It Is Finished God has accomplished redemption by Christ and applies redemption in Christ to his people. The Covenant of Redemption It is Finished When Jesus had received the sour wine, he said, It is finished, and he

363 views • 18 slides
Enterprise Redemption or: How I Learned To Stop Worrying And Love the JVM Enterprise Redemption

Enterprise Redemption or: How I Learned To Stop Worrying And Love the JVM Enterprise Redemption

Enterprise Redemption or: How I Learned To Stop Worrying And Love the JVM Enterprise Redemption or: How I Learned To Stop Worrying And Love the JVM @yawnt Once upon a time... Web Services? Is that all there is? Evaluate. How? Community.

637 views • 40 slides
Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real

Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #15 Updated 2009-03-03 Dependable Distributed Dependable Distributed Real- Real -Time Systems Time Systems Real- -Time Systems Time Systems Real Aircraft/automotive

501 views • 9 slides
Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new

Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new

Ransomware Overview Our analysis leads us to expect increased ransomware activity over 2016 (new attacker entrants, lower cost through kit automation, etc.) Take consumer and enterprise digital assets hostage using high- strength encryption

365 views • 18 slides
RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS

RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS

RTOS Real-Time Operating Systems Chenyang Lu OS Support for Real-Time Real-Time OS Real-time extensions to general-purpose OS Chenyang Lu 2 RTOS: Features for Efficiency Small Minimal set of functionality Fast context switch

504 views • 16 slides
Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of

Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of

Ransomware Eradication using Biomorphic Perimeterisation Introduction Types of Ransomware Technology Perspective and Attacked Devices Ransomware Economy Security Conditions Biomorphic Perimeterisation How to generate a

860 views • 61 slides
Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time

Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #10 Updated 2009-02-15 Real Real- -Time Systems Time Systems Designing a real- Designing a real -time system time system Logical function What should be done &

500 views • 8 slides
Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate

Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate

Real-time raise alerts Real-Time Real-time with historical Dashboard Correlate Engine + Fabric Offline Develop initial monitoring query Back-test Progressive Non-temporal analysis Interactive Query Authoring

383 views • 15 slides
A PRACTICAL GUIDE FOR USE OF REAL TIME DETECTION SYSTEMS FOR WORKER PROTECTION AND COMPLIANCE

A PRACTICAL GUIDE FOR USE OF REAL TIME DETECTION SYSTEMS FOR WORKER PROTECTION AND COMPLIANCE

A PRACTICAL GUIDE FOR USE OF REAL TIME DETECTION SYSTEMS FOR WORKER PROTECTION AND COMPLIANCE WITH OCCUPATIONAL EXPOSURE LIMITS DOE and DOE Contractors Industrial Hygiene Meeting In conjunction with the 2019 American Industrial Hygiene

726 views • 39 slides
Redemption Matthew 7:1-12 A Heart For Redemption A Heart For Redemption 1. See yourself clearly

Redemption Matthew 7:1-12 A Heart For Redemption A Heart For Redemption 1. See yourself clearly

A Heart For Redemption Matthew 7:1-12 A Heart For Redemption A Heart For Redemption 1. See yourself clearly 1 Do not judge, or you too will be judged. A Heart For Redemption 1. See yourself clearly 1 Do not judge, or you too will be

763 views • 16 slides
Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing

Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing

Real-Time Operating system (RTOS) Real-time Embedded systems often have real-time computing constraints (Temporal) Determinism Correctness of system depends not only on the logical result of the computation, but also on the time at which

531 views • 13 slides
Real- Real -time systems time systems Real- Real -time programming time programming

Real- Real -time systems time systems Real- Real -time programming time programming

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #2 Updated 2009-01-18 Real- Real -time systems time systems Real- Real -time programming time programming Recommended programming method: Recommended programming method:

251 views • 8 slides
Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time

CPSC-663: Real-Time Systems Linux, Preemption, and Real-Time Real-Time Performance of Linux Among others: A Measurement-Based Analysis of the Real-Time Performance of Linux (L. Abeni , A. Goel, C. Krasic, J. Snow, J. Walpole) [RTAS

472 views • 9 slides
Real- -Time Systems Time Systems Real Specification Implementation Task model

Real- -Time Systems Time Systems Real Specification Implementation Task model

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #10 Updated 2009-02-15 Real- -Time Systems Time Systems Real Specification Implementation Task model Execution-time analysis Verification Designing a real-

487 views • 15 slides
Real-time KVM from the ground up LinuxCon NA 2016 Rik van Riel Red Hat Real-time KVM What

Real-time KVM from the ground up LinuxCon NA 2016 Rik van Riel Red Hat Real-time KVM What

Real-time KVM from the ground up LinuxCon NA 2016 Rik van Riel Red Hat Real-time KVM What is real time? Hardware pitfalls Realtime preempt Linux kernel patch set KVM & qemu pitfalls KVM configuration Scheduling

400 views • 21 slides
Real Time Operating Systems from Fundamentals of Real Time Systems Mukul Shirvaikar &

Real Time Operating Systems from Fundamentals of Real Time Systems Mukul Shirvaikar &

Real Time Operating Systems from Fundamentals of Real Time Systems Mukul Shirvaikar & Theodore Elbert Chapter 4 1 Real Time Systems Design Various design approaches implemented by system designers to meet real-time requirements

718 views • 36 slides
RAP Tight integration with the physical world Location aware Communication patterns:

RAP Tight integration with the physical world Location aware Communication patterns:

Real-time Systems Speed/RAP/CODA Speed/RAP/CODA Many wireless sensor network applications require real-time support Surveillance and tracking Border patrol Fire fighting Real-time systems: Hard real-time: guarantee

476 views • 9 slides
Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that

Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that

Update on Ransomware Technology 60 Minutes Video ransomware ( noun) A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users files unless a ransom is paid.

517 views • 30 slides
Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy

Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy

Troubling Times: Ransomware Across Texas Deputy Chief Information Security Officer Andy Bennett 2019 Cybersecurity Awareness Month Event October 22, 2019 2019 Texas Headlines Ransomware Ransomware Cyber criminals holding your data and

450 views • 23 slides
Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task

Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #4 Updated 2009-01-25 Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task priorities Implementation Verification Ada 95

157 views • 13 slides

More recommend