{"id":"https://openalex.org/W4402811700","doi":"https://doi.org/10.1109/csr61664.2024.10679432","title":"Active Honey Files for Ransomware Encryption Mitigation","display_name":"Active Honey Files for Ransomware Encryption Mitigation","publication_year":2024,"publication_date":"2024-09-02","ids":{"openalex":"https://openalex.org/W4402811700","doi":"https://doi.org/10.1109/csr61664.2024.10679432"},"language":"en","primary_location":{"id":"doi:10.1109/csr61664.2024.10679432","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679432","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.5281/zenodo.12783313","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009279802","display_name":"Ioannis Stamelos","orcid":"https://orcid.org/0000-0001-9440-3633"},"institutions":[{"id":"https://openalex.org/I55741626","display_name":"Technical University of Crete","ror":"https://ror.org/03f8bz564","country_code":"GR","type":"education","lineage":["https://openalex.org/I55741626"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Ioannis Stamelos","raw_affiliation_strings":["Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece","institution_ids":["https://openalex.org/I55741626"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089546492","display_name":"George Hatzivasilis","orcid":null},"institutions":[{"id":"https://openalex.org/I55741626","display_name":"Technical University of Crete","ror":"https://ror.org/03f8bz564","country_code":"GR","type":"education","lineage":["https://openalex.org/I55741626"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"George Hatzivasilis","raw_affiliation_strings":["Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece","institution_ids":["https://openalex.org/I55741626"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109897169","display_name":"Sotiris Ioannidis","orcid":"https://orcid.org/0009-0002-0682-0475"},"institutions":[{"id":"https://openalex.org/I55741626","display_name":"Technical University of Crete","ror":"https://ror.org/03f8bz564","country_code":"GR","type":"education","lineage":["https://openalex.org/I55741626"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Sotiris Ioannidis","raw_affiliation_strings":["Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Technical University of Crete,Department of Electrical and Computer Engineering,Chania,Greece","institution_ids":["https://openalex.org/I55741626"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6024,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.65533132,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"706","last_page":"713"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.8199054598808289},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.7271853685379028},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.627489447593689},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5333383679389954},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4158942401409149},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.37493282556533813},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3213709592819214},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.21959254145622253}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.8199054598808289},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.7271853685379028},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.627489447593689},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5333383679389954},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4158942401409149},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.37493282556533813},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3213709592819214},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.21959254145622253}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/csr61664.2024.10679432","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679432","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},{"id":"doi:10.5281/zenodo.12783313","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.12783313","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":""}],"best_oa_location":{"id":"doi:10.5281/zenodo.12783313","is_oa":true,"landing_page_url":"https://doi.org/10.5281/zenodo.12783313","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":""},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3438030729","display_name":"Secure OPen source softwarE and hardwaRe Adaptable framework","funder_award_id":"101070599","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G7101359132","display_name":"Bridging the security, privacy and data protection gap for smaller enterprises in Europe","funder_award_id":"101021659","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W2119359024","https://openalex.org/W2168154523","https://openalex.org/W2513529237","https://openalex.org/W2549564909","https://openalex.org/W2765383620","https://openalex.org/W2775582065","https://openalex.org/W2890196927","https://openalex.org/W2944996997","https://openalex.org/W3031870221","https://openalex.org/W3115397429","https://openalex.org/W4247444673","https://openalex.org/W4366447842","https://openalex.org/W4388488404","https://openalex.org/W4389454898","https://openalex.org/W4399787775"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W4253977752","https://openalex.org/W3120595989","https://openalex.org/W2942879794","https://openalex.org/W2964829536","https://openalex.org/W2904586340","https://openalex.org/W4380791770"],"abstract_inverted_index":{"Ransomware":[0],"has":[1],"emerged":[2],"as":[3,85],"one":[4,64],"of":[5,102,117],"the":[6,25,49,80,83,91,99,138,143],"most":[7],"damaging":[8],"cyber-threats,":[9],"causing":[10],"financial":[11],"losses":[12],"and":[13,87,147],"data":[14,131],"breaches":[15],"across":[16],"various":[17],"sectors.":[18],"Since":[19],"detection":[20],"methods":[21],"are":[22,135],"constantly":[23],"improved,":[24],"ransomware":[26,41,59],"itself":[27],"becomes":[28],"equally":[29],"better":[30],"in":[31,137],"avoiding":[32],"detection.":[33],"This":[34],"paper":[35],"proposes":[36],"a":[37,70,125],"mitigation":[38],"solution":[39,105],"for":[40,142],"based":[42],"on":[43,55,108],"HoneyFiles.":[44],"The":[45,94,104],"idea":[46],"is":[47,60,96],"that":[48,57],"user":[50,92],"deploys":[51],"decoy":[52],"files,":[53],"focusing":[54],"folders":[56],"popular":[58],"targeting.":[61],"Normally,":[62],"no":[63],"interacts":[65],"with":[66],"those":[67],"files.":[68],"When":[69],"process":[71,84],"tries":[72],"to":[73,97],"open,":[74],"move,":[75],"delete,":[76],"or":[77],"rename":[78],"them,":[79],"mechanism":[81],"identifies":[82],"malicious":[86],"kills":[88],"it,":[89],"notifying":[90],"accordingly.":[93],"goal":[95],"stop":[98],"encryption":[100],"functionality":[101],"ransowmare.":[103],"was":[106],"tested":[107],"Windows":[109],"against":[110,127],"23":[111],"open-source":[112],"ransomware,":[113],"mitigating":[114],"around":[115],"95%":[116],"them.":[118],"Potentially,":[119],"this":[120],"approach":[121],"could":[122],"also":[123],"protect":[124],"system":[126],"other":[128],"attacks,":[129],"like":[130],"breaches.":[132],"Moreover,":[133],"HoneyFIles":[134],"applied":[136],"EU-funded":[139],"project":[140],"SecOPERA":[141],"protection":[144],"modern":[145],"IoT":[146],"ICT":[148],"infrastructures.":[149]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-22T08:00:12.763002","created_date":"2025-10-10T00:00:00"}