RanAware, analysis and detection of ransomware on Windows systems

These past years the use of the computers increased significantly with the introduction of the home office policy caused by the pandemic. This grow has been accompanied by malware attacks and ransomware in particular. Therefore, it is mandatory to have a system able to protect, to prevent and to red...

Descripción completa

Detalles Bibliográficos
Autor: Aznar Puyalto, Pablo
Tipo de recurso: tesis de maestría
Fecha de publicación:2022
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/382655
Acceso en línea:https://hdl.handle.net/2117/382655
Access Level:acceso abierto
Palabra clave:Malware (Computer software)
Computer security
Windows
Ransomware
Seguretat informàtica
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descripción
Sumario:These past years the use of the computers increased significantly with the introduction of the home office policy caused by the pandemic. This grow has been accompanied by malware attacks and ransomware in particular. Therefore, it is mandatory to have a system able to protect, to prevent and to reduce the impact that this type of malware has in an organization. RanAware is a tool that performs an early ransomware detection based on recording file system operations. This information allows RanAware to monitor activity on the file system, collect and process statistics used to determine the presence of a ransomware in the system. After detection, RanAware handles the termination and isolation of the malicious program as well as the creation of an activity report of the ransomware operations. In addition, this project performs an evaluation of the impact that RanAware has in a system.