@article{MBB79BCBC,
title = "A Study on Micro-Segmentation Based File-Encrypting Ransomware Detection",
journal = "The Journal of Korean Institute of Communications and Information Sciences",
year = "2023",
issn = "1226-4717",
doi = "10.7840/kics.2023.48.9.1114",
author = "Jung-woo Seo",
keywords = "Ransomware, Micro-segmentation, Anomaly detection, Malware",
abstract = "Traditional perimeter-focused security measures have limitations in a complex and diversifying IT infrastructure environment. Traditional perimeter firewalls cannot effectively detect attackers who have crossed the perimeter and entered the trust zone. While organizations take proactive steps to reduce the scope of attacks, it is difficult to stop data leaks. Therefore, organizations need to enhance their ability to detect and prevent lateral movement The proposed methodology is based on micro-segmentation to separate directories and files into regions, organize directories and files into blocks, and then detect anomalies. The experiment utilized real data from a virtualized environment and measured the time to detect file-encrypted ransomware by executing the malware."
}