{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T14:27:16Z","timestamp":1774448836562,"version":"3.50.1"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_5","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T11:58:05Z","timestamp":1507723085000},"page":"98-119","source":"Crossref","is-referenced-by-count":100,"title":["Redemption: Real-Time Protection Against Ransomware at End-Hosts"],"prefix":"10.1007","author":[{"given":"Amin","family":"Kharraz","sequence":"first","affiliation":[]},{"given":"Engin","family":"Kirda","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"5_CR1","unstructured":"Minotaur Analysis - Malware Repository. minotauranalysis.com\/"},{"key":"5_CR2","unstructured":"Malware Tips - Your Security Advisor. http:\/\/malwaretips.com\/forums\/virus-exchange.104\/"},{"key":"5_CR3","unstructured":"MalwareBlackList - Online Repository of Malicious URLs. http:\/\/www.malwareblacklist.com"},{"key":"5_CR4","unstructured":"A brief demo on how Redemption operates (2016). https:\/\/www.youtube.com\/watch?v=iuEgFVz7a7g"},{"key":"5_CR5","unstructured":"AutoIt (2016). https:\/\/www.autoitscript.com\/site\/autoit\/"},{"key":"5_CR6","unstructured":"IOzone Filesystem Benchmark (2016). www.iozone.org"},{"key":"5_CR7","unstructured":"Ajjan, A.: Ransomware: Next-Generation Fake Antivirus (2013). http:\/\/www.sophos.com\/en-us\/medialibrary\/PDFs\/technicalpapers\/SophosRansomwareFakeAntivirus.pdf"},{"key":"5_CR8","unstructured":"Hern, A.: Major sites including New York Times and BBC hit By Ransomware Malvertising (2016). https:\/\/www.theguardian.com\/technology\/2016\/mar\/16\/major-sites-new-york-times-bbc-ransomware-malvertising"},{"key":"5_CR9","unstructured":"Hern, A.: Ransomware threat on the rise as almost 40 percent of bussinesses attacked (2016). https:\/\/www.theguardian.com\/technology\/2016\/aug\/03\/ransomware-threat-on-the-rise-as-40-of-businesses-attacked"},{"key":"5_CR10","unstructured":"Dalton, A.: Hospital paid 17K ransom to hackers of its computer network (2016). http:\/\/bigstory.ap.org\/article\/d89e63ffea8b46d98583bfe06cf2c5af\/hospital-paid-17k-ransom-hackers-its-computer-network"},{"key":"5_CR11","unstructured":"BBC News. University pays 20,000 Dollars to ransomware hackers (2016). http:\/\/www.bbc.com\/news\/technology-36478650"},{"key":"5_CR12","unstructured":"Osborne, C.: Researchers launch another salvo at CryptXXX ransomware (2016). http:\/\/www.zdnet.com\/article\/researchers-launch-another-salvo-at-cryptxxx-ransomware\/"},{"key":"5_CR13","unstructured":"Francescani, C.: Ransomware Hackers Blackmail U.S. Police Departments (2016). http:\/\/www.cnbc.com\/2016\/04\/26\/ransomware-hackers-blackmail-us-police-departments.html"},{"key":"5_CR14","unstructured":"Mannion, C.: Three U.S. Hospitals Hit in String of Ransomware Attacks (2016). http:\/\/www.nbcnews.com\/tech\/security\/three-u-s-hospitals-hit-string-ransomware-attacks-n544366"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Continella, A., Guagnelli, A., Zingaro, G., De Pasquale, G., Barenghi, A., Zanero, S., Maggi, F.: ShieldFS: a self-healing, ransomware-aware filesystem. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 336\u2013347. ACM (2016)","DOI":"10.1145\/2991079.2991110"},{"key":"5_CR16","unstructured":"Whitcomb, D.: California lawmakers take step toward outlawing ransomware (2016). http:\/\/www.reuters.com\/article\/us-california-ransomware-idUSKCN0X92PA"},{"key":"5_CR17","unstructured":"Dell SecureWorks. University of Calgary paid 20K in ransomware attack (2016). http:\/\/www.cbc.ca\/news\/canada\/calgary\/university-calgary-ransomware-cyberattack-1.3620979"},{"key":"5_CR18","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1007\/s11416-008-0092-2","volume":"6","author":"A Gazet","year":"2010","unstructured":"Gazet, A.: Comparative analysis of various ransomware virii. J. Comput. Virol. 6, 77\u201390 (2010)","journal-title":"J. Comput. Virol."},{"key":"5_CR19","unstructured":"Wolf, G.: 8 High Profile Ransomware Attacks You May Not Have Heard Of (2016). https:\/\/www.linkedin.com\/pulse\/8-high-profile-ransomware-attacks-you-may-have-heard-gregory-wolf"},{"key":"5_CR20","unstructured":"Zremski, J.: New York Senator Seeks to Combat Ransomware (2016). http:\/\/www.govtech.com\/security\/New-York-Senator-Seeks-to-Combat-Ransomware.html"},{"key":"5_CR21","unstructured":"Kharraz, A., Arshad, S., Mulliner, C., Robertson, W., Kirda, E.: A large-scale, automated approach to detecting ransomware. In: 25th USENIX Security Symposium (2016)"},{"key":"5_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-20550-2_1","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"A Kharraz","year":"2015","unstructured":"Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the Gordian Knot: a look under the hood of ransomware attacks. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 3\u201324. Springer, Cham (2015). doi: 10.1007\/978-3-319-20550-2_1"},{"key":"5_CR23","doi-asserted-by":"crossref","unstructured":"Kolodenker, E., Koch, W., Stringhini, G., Egele, M.: PayBreak: defense against cryptographic ransomware. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, ASIA CCS 2017, pp. 599\u2013611. ACM, New York (2017)","DOI":"10.1145\/3052973.3053035"},{"key":"5_CR24","unstructured":"Abrams, L.: TeslaCrypt Decrypted: flaw in TeslaCrypt allows Victim\u2019s to Recover their Files (2016). http:\/\/www.bleepingcomputer.com\/news\/security\/teslacrypt-decrypted-flaw-in-teslacrypt-allows-victims-to-recover-their-files\/"},{"key":"5_CR25","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1109\/18.61115","volume":"37","author":"J Lin","year":"1991","unstructured":"Lin, J.: Divergence measures based on the shannon entropy. IEEE Trans. Inform. Theory 37, 145\u2013151 (1991)","journal-title":"IEEE Trans. Inform. Theory"},{"key":"5_CR26","unstructured":"Malware Don\u2019t Need Coffee. Guess who\u2019s back again? Cryptowall 3.0 (2015). http:\/\/malware.dontneedcoffee.com\/2015\/01\/guess-whos-back-again-cryptowall-30.html"},{"key":"5_CR27","unstructured":"Microsoft, Inc. Blocking Direct Write Operations to Volumes and Disks. https:\/\/msdn.microsoft.com\/en-us\/library\/windows\/hardware\/ff551353(v=vs.85).aspx"},{"key":"5_CR28","unstructured":"Microsoft, Inc. Protecting Anti-Malware Services (2016). https:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/dn313124(v=vs.85).aspx"},{"key":"5_CR29","unstructured":"Ms. Smith. Kansas Heart Hospital hit with ransomware; attackers demand two ransoms (2016). http:\/\/www.networkworld.com\/article\/3073495\/security\/kansas-heart-hospital-hit-with-ransomware-paid-but-attackers-demanded-2nd-ransom.html"},{"key":"5_CR30","unstructured":"No-More-Ransomware Project. No More Ransomware! (2016). https:\/\/www.nomoreransom.org\/about-the-project.html"},{"key":"5_CR31","doi-asserted-by":"crossref","unstructured":"Scaife, N., Carter, H., Traynor, P., Butler, K.R.: CryptoLock (and Drop It): stopping ransomware attacks on user data. In: IEEE International Conference on Distributed Computing Systems (ICDCS) (2016)","DOI":"10.1109\/ICDCS.2016.46"},{"key":"5_CR32","unstructured":"O\u2019Gorman, G., McDonald, G.: Ransomware: A Growing Menance (2012). http:\/\/www.symantec.com\/connect\/blogs\/ransomware-growing-menace"},{"key":"5_CR33","unstructured":"Symantec, Inc. Internet Security Threat Report (2014). http:\/\/www.symantec.com\/security_response\/publications\/threatreport.jsp"},{"key":"5_CR34","unstructured":"TrendLabs. An Onslaught of Online Banking Malware and Ransomware (2013). http:\/\/apac.trendmicro.com\/cloud-content\/apac\/pdfs\/security-intelligence\/reports\/rpt-cashing-in-on-digital-information.pdf"},{"key":"5_CR35","doi-asserted-by":"crossref","unstructured":"WIRED Magazine. Why Hospitals Are the Perfect Targets for Ransomware (2016). https:\/\/www.wired.com\/2016\/03\/ransomware-why-hospitals-are-the-perfect-targets\/","DOI":"10.1016\/S1353-4858(16)30031-9"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T13:17:53Z","timestamp":1570195073000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}