An Empirical Study on Technology Development of EDR-based Multi-Layer Ransomware Defense Platform
An Empirical Study on Technology Development of EDR-based Multi-Layer Ransomware Defense Platform is a scholarly work, published in 2018 in ''International Journal of Advanced Science and Technology''. The main subjects of the publication include layer, ontology, emergency management, big data, ransomware, and computer science. Ransomware, unlike the existing malicious code, encrypts or blocks the data or DB and causes the business interruption.Therefore, the strategic goal of this defense technology is to ensure the continuity of the organization.This study aims to protect the authors' information assets from Ransomware by developing an economical and effective defense model by combining action-based prior blocking technology, data backup technology, and non-encrypted Ransomware and information leakage malignant code.And this study examined EDR based multi-layered defense platform (EMRDP) which composed a software authentication algorithm (SAA), behavior based detection, analysis and blocking algorithm (BDA), real -time encrypted security backup algorithm (SBA) as one platform in order to respond to intelligently evolving ransomware attack and overcome limitation of existing ransomware defense system.As a result of applying a prototype for the proposed model, when the three algorithms (SAA, BDA, SBA) proposed in this model was applied in stages, this study confirmed validated performance verification which detected and blocked 100% of all the 11 kinds of new and variant ransomware.