{"id":"https://openalex.org/W4413795042","doi":"https://doi.org/10.3390/info16090739","title":"Real-Time Detection and Recovery Method Against Ransomware Based on Simple Format Analysis","display_name":"Real-Time Detection and Recovery Method Against Ransomware Based on Simple Format Analysis","publication_year":2025,"publication_date":"2025-08-27","ids":{"openalex":"https://openalex.org/W4413795042","doi":"https://doi.org/10.3390/info16090739"},"language":"en","primary_location":{"id":"doi:10.3390/info16090739","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info16090739","pdf_url":"https://www.mdpi.com/2078-2489/16/9/739/pdf?version=1756302533","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2078-2489/16/9/739/pdf?version=1756302533","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087060698","display_name":"Jae-yeol Kim","orcid":"https://orcid.org/0009-0007-7363-9621"},"institutions":[{"id":"https://openalex.org/I4210145313","display_name":"Kyungwoon University","ror":"https://ror.org/050384c29","country_code":"KR","type":"education","lineage":["https://openalex.org/I4210145313"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"JaeYeol Kim","raw_affiliation_strings":["Department of Software, Kyungwoon University, Gumi 39160, Republic of Korea"],"raw_orcid":"https://orcid.org/0009-0007-7363-9621","affiliations":[{"raw_affiliation_string":"Department of Software, Kyungwoon University, Gumi 39160, Republic of Korea","institution_ids":["https://openalex.org/I4210145313"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5087060698"],"corresponding_institution_ids":["https://openalex.org/I4210145313"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":1.2312,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.81951817,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"16","issue":"9","first_page":"739","last_page":"739"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.9231408834457397},{"id":"https://openalex.org/keywords/simple","display_name":"Simple (philosophy)","score":0.662003755569458},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6168794631958008},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.24698054790496826},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.14196428656578064}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.9231408834457397},{"id":"https://openalex.org/C2780586882","wikidata":"https://www.wikidata.org/wiki/Q7520643","display_name":"Simple (philosophy)","level":2,"score":0.662003755569458},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6168794631958008},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.24698054790496826},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.14196428656578064},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/info16090739","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info16090739","pdf_url":"https://www.mdpi.com/2078-2489/16/9/739/pdf?version=1756302533","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:84c11c6595394d8a83013e95e8506353","is_oa":true,"landing_page_url":"https://doaj.org/article/84c11c6595394d8a83013e95e8506353","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information, Vol 16, Iss 9, p 739 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/info16090739","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info16090739","pdf_url":"https://www.mdpi.com/2078-2489/16/9/739/pdf?version=1756302533","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4413795042.pdf","grobid_xml":"https://content.openalex.org/works/W4413795042.grobid-xml"},"referenced_works_count":5,"referenced_works":["https://openalex.org/W1536598138","https://openalex.org/W4285233911","https://openalex.org/W4404633577","https://openalex.org/W4405157903","https://openalex.org/W4405434363"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W4253977752","https://openalex.org/W2942879794"],"abstract_inverted_index":{"Ransomware":[0],"encrypts":[1,22],"targeted":[2],"files,":[3],"making":[4],"recovery":[5,143],"difficult":[6],"using":[7],"conventional":[8],"disinfection":[9],"or":[10],"deletion":[11],"methods,":[12],"unlike":[13],"other":[14],"types":[15],"of":[16,36,52,87],"malware.":[17],"In":[18,39,136],"particular,":[19],"ransomware":[20,46,168],"commonly":[21],"important":[23],"documents":[24],"as":[25,146],"a":[26,60,114,140],"follow-up":[27],"action,":[28],"and":[29,48,73,109],"existing":[30,133],"antivirus":[31],"programs":[32],"are":[33],"fundamentally":[34],"incapable":[35],"preventing":[37],"them.":[38],"this":[40],"study,":[41],"we":[42,58,138],"analyzed":[43],"97":[44],"real-world":[45],"behaviors":[47],"found":[49],"that":[50,117],"95.88%":[51],"them":[53,76],"involved":[54],"encryption":[55,72],"attempts.":[56],"Consequently,":[57],"propose":[59],"real-time":[61,142,147],"method":[62,116],"for":[63,74],"determining":[64],"whether":[65],"critical":[66],"files":[67],"have":[68],"been":[69],"compromised":[70],"through":[71],"recovering":[75],"accordingly.":[77],"The":[78],"proposed":[79,162],"Simple":[80,90,99,110],"Format":[81,91,100,111],"Analysis":[82],"(SFA)":[83],"detection":[84,123,134,155],"technique":[85],"consists":[86],"three":[88],"methods:":[89],"Analysis\u2013Fixed-structure-based":[92],"(SFA-F),":[93],"which":[94,103,152],"analyzes":[95],"the":[96,161],"file":[97,106,148],"format;":[98],"Analysis\u2013Header-based":[101],"(SFA-H),":[102],"focuses":[104],"on":[105],"header":[107],"information;":[108],"Analysis\u2014Fixed-structure-and-Header-based":[112],"(SFA-F-H),":[113,131],"hybrid":[115],"combines":[118],"both.":[119],"These":[120],"techniques":[121],"achieved":[122],"accuracies":[124],"ranging":[125],"from":[126,150],"95.0%":[127],"(SFA-F)":[128],"to":[129,164,167],"97.9%":[130],"outperforming":[132],"approaches.":[135],"addition,":[137],"introduce":[139],"novel":[141],"approach":[144,163],"known":[145],"restoration":[149],"damage,":[151],"integrates":[153],"SFA":[154],"with":[156],"pre-input/output":[157],"monitoring.":[158],"We":[159],"expect":[160],"significantly":[165],"contribute":[166],"mitigation":[169],"in":[170],"cybersecurity":[171],"environments.":[172]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}