資料載入處理中...
圖書館首頁
|
網站地圖
|
首頁
|
本站說明
|
聯絡我們
|
相關資源
|
台聯大論文系統
|
操作說明
|
English
簡易查詢
進階查詢
論文瀏覽
熱門排行
我的研究室
上傳論文
建檔說明
常見問題
帳號:guest(18.119.213.213)
離開系統
字體大小:
詳目顯示
第 1 筆 / 共 1 筆
/1
頁
以作者查詢圖書館館藏
、
以作者查詢臺灣博碩士論文系統
、
以作者查詢全國書目
論文基本資料
摘要
外文摘要
論文目次
參考文獻
電子全文
作者(中文):
辜泓翔
作者(外文):
Ku, Hung-Hsiang
論文名稱(中文):
一個用於Linux平台之勒索軟體防護系統
論文名稱(外文):
A Ransomware Protector on Linux
指導教授(中文):
孫宏民
指導教授(外文):
Sun, Hung-Min
口試委員(中文):
許富皓
黃世昆
口試委員(外文):
Hsu, Fu-Hau
Huang, Shih-Kun
學位類別:
碩士
校院名稱:
國立清華大學
系所名稱:
資訊工程學系
學號:
106062639
出版年(民國):
108
畢業學年度:
107
語文別:
英文
論文頁數:
24
中文關鍵詞:
勒索軟體
外文關鍵詞:
Ransomware
相關次數:
推薦:0
點閱:446
評分:
下載:0
收藏:0
近年來,隨著網路與電腦的高度發展,電腦在人類生活中所佔的比重也愈來愈重。對現代社會而言,電腦儼然已經成為生活中不可或缺的一部份。但對電腦的高度依賴,也代表電腦上將存有使用者大量的重要資料,這也使得個人電腦愈來愈容易成為攻擊者投放惡意軟體並從中獲利的目標。
勒索軟體是近年來最具破壞性的惡意軟體之一,這類惡意軟體會將使用者的檔案加密,並要求使用者以支付贖金的方式來取得解密檔案的密鑰,否則便無法取回被加密的檔案。並且攻擊者雖然會告知受害者明確的付款方式,卻總是透過加密貨幣的方式來隱藏自己的身分,進而躲避追緝,使受害者甚至無法採取進一步手段來討回自己的損失。而勒索軟體原本攻擊的平台僅限於WINDOWS,但是隨著linux用戶的增多與勒索軟體愈來愈多的變種,2015年出現了一款名為Linux.Encoder.1的勒索軟體,這種勒索軟體主要的攻擊對象是LINUX,而隨著時光的流逝,勒索軟體也陸續演變出 之類的變種,直到現在,針對LINUX的勒索軟體愈來愈多,代表不久的將來,LINUX也可能不再像過去人們所認為的那般安全。
為了預防這樣糟糕的事態發生,在本篇論文中,我們提出了一個方法來預防LINUX系統受到勒索軟體的危害。我們製作了一個自動化系統,採用隨時監聽的方式,讓使用者選擇一個資料夾,由我們的系統負責監聽該資料夾內的一切變化,並且檢測目錄內的檔案是否健康。一旦我們的系統判斷檔案健康,便會立刻將健康的檔案透過FTP上傳到與系統相連的私有雲空間。以確保健康的檔案隨時能受到備份。一旦目前的系統受到勒索軟體加密,我們的系統便會將已被加密的檔案刪除,再從私有雲將健康的檔案下載回來,防止使用者因為勒索軟體而可能造成的各種檔案損失。
In recent years, with the high development of Internet, personal computer becomes more and more important part in human's life. But the deep reliance with computer means there will be a big amount of sensitive data saved in it. For this reason, computer has became the target of the attackers who get profit by spread malware more and more easily.
Ransomware is one of the most devaststing malware in recent years. This kind of malware will encrypt the victim's files to ask ransom payment. The victim's computer won't be unlocked until the victim pay the ransom.And the payment can be completed by buying some specific products or using bitcoin, which makes the criminals untraceable.
To prevent such terrible condition, we propose a method to prevent Linux operating system from the attack of ransomware. We construct an automatic system to monitor user's computer.First we let our user choose a directory. Then our system will monitor all the files changing in the directory on real-time and check if the files are healthy. If the files are healthy, our system will upload the files to the private cloud by FTP to ensure the healthy file can be back up on time. If our user's computer is encrypted by ransomware, our system will delete the encrypted files and download the healthy files from private cloud. Then our system can prevent our user from the loss of ransomware.
1 Introduction .....1
1.1 Motivation .....1
1.2 Contribution .....3
1.3 Organization .....3
2 Background .....5
2.1 Ransomware .....5
2.1.1 Behavior .....6
2.1.2 Erebus Ransomware .....7
2.2 Load balancing .....8
3 Related works .....9
4 System Framework .....11
4.1 Goal .....11
4.2 System Framework .....11
4.2.1 Client Authentication .....12
4.2.2 Listen to the user defined directory .....13
4.2.3 If a file is updated .....13
4.2.4 Check whether the file is healthy .....14
4.2.5 Request to store the file .....14
5 System Requirement .....15
5.1 System Requirement .....15
5.2 Tools .....16
5.2.1 IText .....16
5.2.2 Apache POI .....16
5.2.3 JNotify .....16
5.2.4 Apache Commons-IO .....16
5.2.5 JavaFX .....17
5.3 System Architecture .....17
5.3.1 Client Authentication .....17
5.3.2 Main progress of our system .....18
5.4 Experiment .....18
5.4.1 Experiment environment and settings .....19
5.4.2 Experiment process .....19
6 Conclusion .....22
Bibliography .....23
[1]Annual number of ransomware attacks worldwide from 2014 to 2018 (inmillions).https://www.statista.com/statistics/494947/ransomware-attacks-per-year-worldwide/.
[2]Apache commons-io.http://commons.apache.org/proper/commons-io/.[3]Apache poi.https://poi.apache.org/.
[4]Erebus linux ransomware: Impact to servers and countermeasures.https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/erebus-linux-ransomware-impact-to-servers-and-countermeasures.
[5]Gonnacry.https://github.com/tarcisio-marinho/GonnaCry.
[6]itext.https://itextpdf.com/en.
[7]Javafx.https://openjfx.io/openjfx-docs/.
[8]Jnotify.http://jnotify.sourceforge.net/.
[9]Market share held by the leading computer (desktop/tablet/console)operating systems worldwide from january 2012 to february 2019.https://www.statista.com/statistics/268237/global-market-share-held-by-operating-systems-since-2009/.
[10]Number of newly discovered ransomware families worldwide from 2015 to2018.https://www.statista.com/statistics/701029/number-of-newly-added-ransomware-families-worldwide/.23
[11]Wikipedia: Load balancing (computing).https://en.wikipedia.org/wiki/Load_balancing_(computing).[12]Wikipedia: Ransomware.https://en.wikipedia.org/wiki/Ransomware.[13]wikipedia usage share of operating systems.https://en.wikipedia.org/wiki/Usage_share_of_operating_systems#Public_servers_on_the_Internet.
[14]Kharraz Amin, Arshad Sajjad, Mulliner Collin, Robertson William, and KirdaEngin. Unveil: A large-scale, automated approach to detecting ransomware.2016.
[15]Alam Manaar, Bhattacharya Sarani, Mukhopadhyay Debdeep, andChattopadhyay Anupam. Rapper: Ransomware prevention via performancecounters. 2018.
[16]Scaife Nolen, Carter Henry, Traynor Patrick, and Butler Kevin, R.B.Cryptolock (and drop it): Stopping ransomware attacks on user data. 2016
(此全文未開放授權)
電子全文
中英文摘要
推文
當script無法執行時可按︰
推文
推薦
當script無法執行時可按︰
推薦
評分
當script無法執行時可按︰
評分
引用網址
當script無法執行時可按︰
引用網址
轉寄
當script無法執行時可按︰
轉寄
top
相關論文
1.
用於實現秘密分享方法之具多項式時間複雜度的分解構建法
2.
基於特徵點之數位影像版權保護
3.
無線感知網路上具能量節約特性之安全路徑繞送協定的研究
4.
使用API監測系統對抗蠕蟲與惡意程式之研究
5.
無線感知網路之金鑰管理研究
6.
適用於無線感知網路安全群組通訊之具有效性及擴充性的金鑰管理方法
7.
基於身份與以隱私為主體的數位版權管理系統之研究
8.
A Study of Arithmetic Codes for Joint Encryption and Compression
9.
A Study of Key Management Mechanism for Content Access Control in Pay-TV Broadcasting Systems
10.
RSA金鑰產生器之後門研究
11.
基於微軟作業系統API掛勾之Shellcodes偵測之研究
12.
A Study on Lightweight Authentication Protocols for RFID
13.
多重服務環境下抵擋TCP SYN Flooding DDoS 攻擊之入侵防禦系統
14.
On the Design and Cryptanalysis of Efficient RSA Variants
15.
高可靠度網路資料傳輸與驗證
簡易查詢
|
進階查詢
|
論文瀏覽
|
熱門排行
|
管理/審核者登入