UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware

Speaker/Bio

Amin Kharraz is a PHD candidate in Information Assurance at NEU Systems Security Lab. He is interested in practical security issues with focus on malware analysis and web security.

Abstract

Although the concept of ransomware is not new, this type of malware has recently experienced a resurgence in popularity. In fact, in 2015 and 2016, a number of high-profile ransomware attacks were reported, such as the large-scale attack against Sony that prompted the company to delay the release of the film "The Interview". While many generic malware detection systems have been proposed, none of these systems have attempted to specifically address the ransomware detection problem. In this talk, we present a dynamic analysis system called UNVEIL that is specifically designed to detect ransomware. Our evaluation shows that UNVEIL significantly improves the state of the art, and is able to identify previously unknown evasive ransomware that was not detected by the anti-malware industry.