SYNCHRONOUS VERSIONED STORAGE AS AN ADDED SECURITY LAYER AGAINST OF CRYPTO-RANSOMWARE
Published 2018-03-09
Keywords
- Synchronous Versioned Storage/Integrity and Availability/Malware/Ransomware
How to Cite
Abstract
This work aim the problem of data encryption in an unauthorized way because of the crypto-ransomware, a type of malware with high effectiveness in its task. Cybercriminals use this type of malware to obtain a ilegal economic benefit, which has caused sizeable economic losses around the world. Although traditional protection methods exist to avoid infection with this type of malware, the study is based on the premise that the infection is imminent, and proposes a storage scheme with cloud technology, combining version control and synchronous backup, in order to recover the data and information affected in case of an eventual attack by crypto-ransomware. This is, in summary, an experimental study involving field work and development, innovating existing concepts to give it a new use different from its area of application, and thus solve a problem of high impact today through a scheme Generic, economical and scalable to any magnitude and size of infrastructure.
Downloads
References
[2] S. Sánchez, “Importancia de implementar el SGSI en una empresa certificada BASC”, Bogotá, D.C.: Universidad Militar Nueva Granada, 2014.
[3] “Internet Security Threat Report 2014”, Symantec, 19, 2014.
[4] “Informe de Amenazas a la Seguridad de Internet”, Symantec, 21, 2016.
[5] A. Kharraz, W. Robertson, D. Balzarotti, L. Bilge, y E. Kirda, “Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks”, presentado en International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, 2015, pp. 3–24.
[6] E. Ruiz, “Técnicas criptográficas utilizadas en malware”, Trabajo fin de grado, Universidad Politécnica de Madrid, Madrid, 2015.
[7] A. Bhardwaj, V. Avasthi, H. Sastry, y G. V. B. Subrahmanyam, “Ransomware Digital Extortion: A Rising New Age Threat”, Indian Journal of Science and Technology, vol. 9, núm. 14, Abril 2016.
[8] A. Gazet, “Comparative analysis of various ransomware virii”, J Comput Virol, vol. 6, núm. 1, pp. 77–90, 2010.
[9] J. Mieres, “Ataques informáticos: Debilidades de seguridad comúnmente explotadas”, ene-2009.
[10] Y. Zhou y X. Jiang, “Dissecting Android Malware: Characterization and Evolution”, en 2012 IEEE Symposium on Security and Privacy, 2012, pp. 95–109.
[11] Internet Crime Complaint Center, “Public Service Announcement: Criminals Continue to Defraud and Extort Funds from Victims Using CryptoWall Ransomware Schemes”, 23-jun-2015. [En línea]. Disponible en: https://www.ic3.gov/media/2015/150623.aspx [Consultado: 13-dic-2016].
[12] S. Pagnotta, “CryptoWall, el ransomware más activo: reportan pérdidas por 18 millones de dólares”, We Live Security en Español, 24-jun-2015. [En línea]. Disponible en: http://www.welivesecurity.com/la-es/2015/06/24/cryptowall-ransomware-activo-millones-dolares/. [Consultado: 26-dic-2015].
[13] X. Luo y Q. Liao, “Awareness Education as the Key to Ransomware Prevention”, Information Systems Security, vol. 16, núm. 4, pp. 195–202, 2007.
[14] G. O’Gorman y G. McDonald, “Ransomware: A Growing Menace”, Symantec Security Response, 2012.
[15] M. G. Moreno, Introducción a la Metodología de la investigación educativa 2, 2a reimpresión., vol. 2. México, D.F.: Editorial Progreso, 2000.
[16] H. A. Martínez García y L. B. Chuc Us, “Hidden Tear: Análisis del primer Ransomware Open Source.”, en Avances y perspectivas de la innovación, investigación y vinculación, Mérida Yucatán, México, 2015, vol. 1, pp. 31–54.
[17] Y. Nativ, theZoo: A repository of LIVE malwares for your own joy and pleasure. 2017. Disponible en: https://github.com/ytisf/theZoo.