Using Software-Defined Networking for Ransomware Mitigation: the Case of
CryptoWall
by
Krzysztof Cabaj, Wojciech Mazurczyk
2016
Abstract
Currently, different forms of ransomware are increasingly threatening
Internet users. Modern ransomware encrypts important user data and it is only
possible to recover it once a ransom has been paid. In this paper we show how
Software-Defined Networking (SDN) can be utilized to improve ransomware
mitigation. In more detail, we analyze the behavior of popular ransomware -
CryptoWall - and, based on this knowledge, we propose two real-time mitigation
methods. Then we designed the SDN-based system, implemented using OpenFlow,
which facilitates a timely reaction to this threat, and is a crucial factor in
the case of crypto ransomware. What is important is that such a design does not
significantly affect overall network performance. Experimental results confirm
that the proposed approach is feasible and efficient.
Archived Files and Locations
application/pdf 616.7 kB
arxiv.org (repository), web.archive.org (webarchive)
1608.06673v1