{"id":"https://openalex.org/W3046012722","doi":"https://doi.org/10.1109/icc40277.2020.9149005","title":"Exploiting Ransomware Paranoia For Execution Prevention","display_name":"Exploiting Ransomware Paranoia For Execution Prevention","publication_year":2020,"publication_date":"2020-06-01","ids":{"openalex":"https://openalex.org/W3046012722","doi":"https://doi.org/10.1109/icc40277.2020.9149005","mag":"3046012722"},"language":"en","primary_location":{"id":"doi:10.1109/icc40277.2020.9149005","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc40277.2020.9149005","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074094953","display_name":"Ali AlSabeh","orcid":"https://orcid.org/0000-0001-7063-4840"},"institutions":[{"id":"https://openalex.org/I155781252","display_name":"University of South Carolina","ror":"https://ror.org/02b6qw903","country_code":"US","type":"education","lineage":["https://openalex.org/I155781252"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ali AlSabeh","raw_affiliation_strings":["Integrated Information Technology Dept, University of South Carolina (USC), Columbia, South Carolina, USA"],"affiliations":[{"raw_affiliation_string":"Integrated Information Technology Dept, University of South Carolina (USC), Columbia, South Carolina, USA","institution_ids":["https://openalex.org/I155781252"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108526386","display_name":"Ha\u0131\u0308dar Safa","orcid":null},"institutions":[{"id":"https://openalex.org/I98635879","display_name":"American University of Beirut","ror":"https://ror.org/04pznsd21","country_code":"LB","type":"education","lineage":["https://openalex.org/I98635879"]}],"countries":["LB"],"is_corresponding":false,"raw_author_name":"Haidar Safa","raw_affiliation_strings":["Computer Science Dept, American University of Beirut (AUB), Beiru, Lebanonx"],"affiliations":[{"raw_affiliation_string":"Computer Science Dept, American University of Beirut (AUB), Beiru, Lebanonx","institution_ids":["https://openalex.org/I98635879"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039079298","display_name":"Elias Bou\u2010Harb","orcid":"https://orcid.org/0000-0001-8040-4635"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elias Bou-Harb","raw_affiliation_strings":["The Cyber Center For Security and Analytics, University of Texas at San Antonio (UTSA), San Antonio, Texas, USA"],"affiliations":[{"raw_affiliation_string":"The Cyber Center For Security and Analytics, University of Texas at San Antonio (UTSA), San Antonio, Texas, USA","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058298121","display_name":"Jorge Crichigno","orcid":"https://orcid.org/0000-0002-6705-5300"},"institutions":[{"id":"https://openalex.org/I155781252","display_name":"University of South Carolina","ror":"https://ror.org/02b6qw903","country_code":"US","type":"education","lineage":["https://openalex.org/I155781252"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jorge Crichigno","raw_affiliation_strings":["Integrated Information Technology Dept, University of South Carolina (USC), Columbia, South Carolina, USA"],"affiliations":[{"raw_affiliation_string":"Integrated Information Technology Dept, University of South Carolina (USC), Columbia, South Carolina, USA","institution_ids":["https://openalex.org/I155781252"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5074094953"],"corresponding_institution_ids":["https://openalex.org/I155781252"],"apc_list":null,"apc_paid":null,"fwci":1.8285,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.85903055,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9915000200271606,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9869999885559082,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.982546329498291},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7629890441894531},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6832890510559082},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6283782124519348},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5034238696098328},{"id":"https://openalex.org/keywords/fingerprint","display_name":"Fingerprint (computing)","score":0.45780205726623535},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.43956902623176575},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.36874261498451233}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.982546329498291},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7629890441894531},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6832890510559082},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6283782124519348},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5034238696098328},{"id":"https://openalex.org/C2777826928","wikidata":"https://www.wikidata.org/wiki/Q3745713","display_name":"Fingerprint (computing)","level":2,"score":0.45780205726623535},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.43956902623176575},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.36874261498451233}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icc40277.2020.9149005","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icc40277.2020.9149005","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.4099999964237213,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W2005043824","https://openalex.org/W2111038628","https://openalex.org/W2132874238","https://openalex.org/W2229758354","https://openalex.org/W2296579688","https://openalex.org/W2461373307","https://openalex.org/W2553476679","https://openalex.org/W2600659481","https://openalex.org/W2773511604","https://openalex.org/W2800509541","https://openalex.org/W2885747980","https://openalex.org/W4245435048","https://openalex.org/W4302027802","https://openalex.org/W6755839861"],"related_works":["https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W4253977752","https://openalex.org/W3120595989","https://openalex.org/W2964829536","https://openalex.org/W2904586340","https://openalex.org/W2942879794","https://openalex.org/W3214090987"],"abstract_inverted_index":{"Ransomware":[0],"attacks":[1,58],"cost":[2,13],"businesses":[3],"more":[4],"than":[5],"$75":[6],"billion/year,":[7],"and":[8,32,53,92,118,152,171,179,219,223],"it":[9,154],"is":[10,143],"predicted":[11],"to":[12,36,61,71,85,110,145,157,189,204,212],"$6":[14],"trillion/year":[15],"by":[16,24,129],"2021.":[17],"These":[18],"numbers":[19],"demonstrate":[20,187],"the":[21,47,63,69,80,95,112,124,131,141,150,158,183,200,205],"havoc":[22],"produced":[23],"ransomware":[25,40,57,84,173,178,191],"on":[26,89],"a":[27,102,127,193],"large":[28,209],"number":[29],"of":[30,82,97,104,126,160],"sectors":[31],"urge":[33],"security":[34,216],"researches":[35],"tackle":[37],"it.":[38],"Several":[39],"detection":[41],"approaches":[42],"have":[43],"been":[44],"proposed":[45],"in":[46,138],"literature":[48],"that":[49,107,122],"interchange":[50],"between":[51],"static":[52],"dynamic":[54,73],"analysis.":[55,74],"Recently,":[56],"were":[59],"shown":[60],"fingerprint":[62],"execution":[64],"environment":[65],"before":[66,149],"they":[67],"attack":[68,88],"system":[70],"counter":[72],"In":[75],"this":[76],"paper,":[77],"we":[78,115,136,175,186],"exploit":[79],"behavior":[81,125],"contemporary":[83],"prevent":[86,190],"its":[87,147],"real":[90,170],"systems":[91],"thus":[93],"avoid":[94],"loss":[96],"any":[98,161],"data.":[99],"We":[100,198],"explore":[101],"set":[103],"ransomware-generated":[105],"artifacts":[106],"are":[108],"launched":[109],"sniff":[111],"surrounding.":[113],"Furthermore,":[114],"design,":[116],"develop,":[117],"evaluate":[119],"an":[120],"approach":[121,202],"monitors":[123],"program":[128,142],"intercepting":[130],"called":[132],"Windows":[133],"APIs.":[134],"Consequently,":[135],"determine":[137],"real-time":[139],"if":[140],"trying":[144],"inspect":[146,182],"surrounding":[148],"attack,":[151],"abort":[153],"immediately":[155],"prior":[156],"initiation":[159],"malicious":[162],"encryption":[163],"or":[164],"locking.":[165],"Through":[166],"empirical":[167],"evaluations":[168,222],"using":[169],"recent":[172],"samples,":[174],"study":[176],"how":[177,188],"benign":[180],"programs":[181],"environment.":[184],"Additionally,":[185],"with":[192],"low":[194],"false":[195],"positive":[196],"rate.":[197],"make":[199],"developed":[201],"available":[203],"research":[206],"community":[207],"at":[208],"through":[210],"GitHub":[211],"strongly":[213],"promote":[214],"cyber":[215],"defense":[217],"operations":[218],"for":[220],"wide-scale":[221],"enhancements.":[224]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2026-03-14T06:41:57.775601","created_date":"2025-10-10T00:00:00"}