Open Access
ARTICLE
An Immunization Scheme for Ransomware
1 Software College, Northeastern University, Shenyang, 110169, China.
2 School of Cyber Science and Engineering, Wuhan University, Wuhan, 430072, China.
3 School of Computing, University of Portsmouth, Portsmouth, PO1 2DT, UK.
* Corresponding Author: Jian Xu. Email: .
Computers, Materials & Continua 2020, 64(2), 1051-1061. https://doi.org/10.32604/cmc.2020.010592
Received 12 March 2020; Accepted 14 April 2020; Issue published 10 June 2020
Abstract
In recent years, as the popularity of anonymous currencies such as Bitcoin has made the tracking of ransomware attackers more difficult, the amount of ransomware attacks against personal computers and enterprise production servers is increasing rapidly. The ransomware has a wide range of influence and spreads all over the world. It is affecting many industries including internet, education, medical care, traditional industry, etc. This paper uses the idea of virus immunity to design an immunization solution for ransomware viruses to solve the problems of traditional ransomware defense methods (such as anti-virus software, firewalls, etc.), which cannot meet the requirements of rapid detection and immediate prevention of new outbreaks attacks. Our scheme includes two parts: server and client. The server provides an immune configuration file and configuration file management functions, including a configuration file module, a cryptography algorithm module, and a display module. The client obtains the immunization configuration file from server in real time, and performs the corresponding operations according to the configuration file to make the computer have an immune function for a specific ransomware, including an update module, a configuration file module, a cryptography algorithm module, a control module, and a log module. This scheme controls mutexes, services, files and registries respectively, to destroy the triggering conditions of the virus and finally achieve the purpose of immunizing a computer from a specific ransomware.Keywords
Cite This Article
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.