Presentation Title

Three Ways to Protect Against Ransomware

Format of Presentation

Poster to be presented Friday March 31, 2017

Abstract

Our project proposes a new solution that provides three layers of protection against ransomware. Ransomware infects computer systems by tricking a user into clicking on a link, then preventing access to that machine until the user pays a ransom.

Our first defense layer provides the user with mechanisms to prevent them from clicking on malicious links. This is achieved by using outlook add-ins which disable hyperlinks and provide additional information to help users make the right decision.

Our second defense layer uses machine learning algorithms to learn about normal user behavior, then capture an abnormal event which could potentially harm the user's machine to stop a ransomware infection. Abnormal behavior could include a process that encrypts the whole hard disk drive.

Our third defense layer provides the system admin with a way of being notified by computer infections, capturing this data and providing ways of locking down the user machine to prevent further damage. The information is saved in real-time in a database in the cloud in order to help minimize risk. From here, the admin is then able to take immediate action if an infection occurs.

Department

Computing Science

Faculty Advisor

Haytham El Miligi

This document is currently not available here.

Share

COinS
 

Three Ways to Protect Against Ransomware

Our project proposes a new solution that provides three layers of protection against ransomware. Ransomware infects computer systems by tricking a user into clicking on a link, then preventing access to that machine until the user pays a ransom.

Our first defense layer provides the user with mechanisms to prevent them from clicking on malicious links. This is achieved by using outlook add-ins which disable hyperlinks and provide additional information to help users make the right decision.

Our second defense layer uses machine learning algorithms to learn about normal user behavior, then capture an abnormal event which could potentially harm the user's machine to stop a ransomware infection. Abnormal behavior could include a process that encrypts the whole hard disk drive.

Our third defense layer provides the system admin with a way of being notified by computer infections, capturing this data and providing ways of locking down the user machine to prevent further damage. The information is saved in real-time in a database in the cloud in order to help minimize risk. From here, the admin is then able to take immediate action if an infection occurs.