Monday, April 25, 2016 [Tweets] [Favorites]

Towards Generic Ransomware Detection

Patrick Wardle:

I don’t claim to be an expert on ransomware, but after studying various specimens, a general (and obvious?) commonality seems to be that ransomware rapidly encrypts user files. (And after googling around, it appears that others allude to having perhaps similar ideas - at least for Windows). So to me, this rapid encryption of user files, seemed like a promising heuristic that could lead to the generic detection and prevention of ransomware.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment