Using Software-Defined Networking for Ransomware Mitigation: the Case of CryptoWall release_wamepcjc6bgmvojdhwvllyp5pa

by Krzysztof Cabaj, Wojciech Mazurczyk

Released as a article .

2016  

Abstract

Currently, different forms of ransomware are increasingly threatening Internet users. Modern ransomware encrypts important user data and it is only possible to recover it once a ransom has been paid. In this paper we show how Software-Defined Networking (SDN) can be utilized to improve ransomware mitigation. In more detail, we analyze the behavior of popular ransomware - CryptoWall - and, based on this knowledge, we propose two real-time mitigation methods. Then we designed the SDN-based system, implemented using OpenFlow, which facilitates a timely reaction to this threat, and is a crucial factor in the case of crypto ransomware. What is important is that such a design does not significantly affect overall network performance. Experimental results confirm that the proposed approach is feasible and efficient.
In text/plain format

Archived Files and Locations

application/pdf  616.7 kB
file_esutzywolzbajfswso3fmcarxe
arxiv.org (repository)
web.archive.org (webarchive)
Read Archived PDF
Preserved and Accessible
Type  article
Stage   submitted
Date   2016-08-24
Version   v1
Language   en ?
arXiv  1608.06673v1
Work Entity
access all versions, variants, and formats of this works (eg, pre-prints)
Catalog Record
Revision: 45b11d3c-9dac-4403-9d20-4bf5a2dab5b3
API URL: JSON