Ransomware Identification Through Sandbox Environment
Lecture Notes in Networks and Systems; 560 LNNS:326-335, 2023.
Article in English | Scopus | ID: covidwho-2244168
ABSTRACT
Latin America suffered more than 41 billion attempted cyberattacks in 2020, as the COVID-19 pandemic gave rise to remote working, setting conditions for cybercriminals to exploit vulnerabilities in corporate computer networks. The general objective of this research was to implement sandbox technology to protect against ransomware attacks in a local network of a financial institution. The sandbox technology was implemented with open-source software. To this end, a server with sandbox technology was implemented and configured to manage all operations performed by customers. A test lab was implemented with five machines in a virtualized environment. Five types of ransomware were collected and downloaded from the tutorialjinni page, executed in the test lab and analyzed by Cuckoo Sandbox. Cuckoo Sandbox reported that, of the five ransomware samples injected, 100% were detected and successfully isolated, using on average 0.89 Gb of RAM and with an average time of 123.6 s. This demonstrated that Cuckoo Sandbox is effective and optimal in utilizing hardware resources, thus contributing to the perimeter security of the computer network. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
Full text: Available
Collections: Databases of international organizations
Database: Scopus
Language: English
Journal: Lecture Notes in Networks and Systems
Year of publication: 2023
Document type: Article