Ransomware (malicious software which denies access to a victim’s computing resource and demands a ransom in order to restore access) is an ever-growing threat to both individuals and organisations across the globe. The first version of ransomware was developed in the 1980s, and ransomware has continued to grow in both sophistication and popularity amongst cybercriminals ever since.
Unfortunately, individuals and organisations often continue to pay the ransom demand in order to regain access to their data. Not only is there no guarantee that doing so will ensure full data recovery, it also helps to fund the cybercriminal economy itself. It is of vital importance to maintain a strong and consistent offline backup scheme, as well as to ensure good practice when it comes to reading emails and browsing the Internet, in order to mitigate the ransomware threat as much as possible.
I am currently investigating and developing various methods to provide the early detection of ransomware. This helps to effectively stop an active ransomware attack before any damage can be caused (i.e. file-loss due to encryption). I am approaching the problem from different angles, including machine learning, anomaly detection and statistical analysis. I am also investigating techniques to recover data that is successfully encrypted by a ransomware attack, in order to allow a victim to recover their data without paying the ransom.
I am a member of the following research groups:
My main research interests are ransomware detection and recovery techniques. I am particularly interested in the development of proactive anti-ransomware software that is capable of defeating and recovering from ransomware in real-time.
Class Supervisor Experience Includes: