DISCOVERING RANSOMWAREBEHAVIOR BY HOST-BASED APPROACH

摘要

Numerous researchers have discovered multiple types of ransomware that has been rampaging in cybersecurity which is the main concern for business companies where most of their data has been digitalized. However, the main problem in detecting this type of malware, where it is known as sophisticated behavior is quite challenging since it capable to do encryption in file activity system and hide its malicious activity in computer host. Nevertheless, previous researcher also has done major contribution in discovering its pattern and behavior of ransomware and provide numerous solutions in detecting this malware. This paper will be focusing on ransomware behavior during normal file activity system by using host-based approach experiment. The design of the experiment and dataset collection are one of the main important in this experiment for analyzing the ransomware behavior using available tools and software. Then, the behavior of the ransomware will be saved as log file for in-depth analysis. Finally, the results from the experiment will be tabulated and discussed further before the conclusion of the experiment.