English

Using Software-Defined Networking for Ransomware Mitigation: the Case of CryptoWall

Cryptography and Security 2018-04-10 v1

Abstract

Currently, different forms of ransomware are increasingly threatening Internet users. Modern ransomware encrypts important user data and it is only possible to recover it once a ransom has been paid. In this paper we show how Software-Defined Networking (SDN) can be utilized to improve ransomware mitigation. In more detail, we analyze the behavior of popular ransomware - CryptoWall - and, based on this knowledge, we propose two real-time mitigation methods. Then we designed the SDN-based system, implemented using OpenFlow, which facilitates a timely reaction to this threat, and is a crucial factor in the case of crypto ransomware. What is important is that such a design does not significantly affect overall network performance. Experimental results confirm that the proposed approach is feasible and efficient.

Keywords

Cite

@article{arxiv.1608.06673,
  title  = {Using Software-Defined Networking for Ransomware Mitigation: the Case of CryptoWall},
  author = {Krzysztof Cabaj and Wojciech Mazurczyk},
  journal= {arXiv preprint arXiv:1608.06673},
  year   = {2018}
}

Comments

9 pages, 6 figures

R2 v1 2026-06-22T15:28:42.729Z