RansomCillin: Leveraging NTFS Spare Space to Recover from Ransomware Attacks

Abstract: This study investigates an innovative method to combat ransomware, leveraging the New Technology File System (NTFS) spare space in Windows operating systems. The focus is on RansomCillin, a tool designed for effective data recovery after ransomware attacks. The methodology entailed a simulated environment using prevalent ransomware strains to assess RansomCillin's file recovery success, time efficiency, data integrity, and system performance impact. Results showed RansomCillin's high effectiveness in restoring… Show more

“…Such educational initiatives are vital in creating a first line of defense at the human level, often the most vulnerable aspect of cybersecurity [13], [33], [15]. Furthermore, the formulation of comprehensive incident response plans, which include regular protocols for data backup and recovery, stands as a critical preventive strategy against ransomware intrusions [39], [40], [41]. These plans ensure that, in the event of an attack, the impact is minimized, and recovery can be initiated swiftly and effectively [42], [30], [31].…”

NTFS+: An Enhanced NTFS File System Against Ransomware Invasions

“…Such educational initiatives are vital in creating a first line of defense at the human level, often the most vulnerable aspect of cybersecurity [13], [33], [15]. Furthermore, the formulation of comprehensive incident response plans, which include regular protocols for data backup and recovery, stands as a critical preventive strategy against ransomware intrusions [39], [40], [41]. These plans ensure that, in the event of an attack, the impact is minimized, and recovery can be initiated swiftly and effectively [42], [30], [31].…”

NTFS+: An Enhanced NTFS File System Against Ransomware Invasions