Detection of Ransomware Using Hardware-Based Honeypot Files with SMB Traps

Abstract-Ransomware attacks have escalated, posing significant threats to organizations by encrypting critical data and demanding ransoms. Traditional security measures often fall short against sophisticated ransomware variants. This paper explores the deployment of hardware-based honeypot files utilizing Server Message Block (SMB) traps as a proactive defense mechanism. By integrating deceptive SMB shares at the hardware level, organizations can detect, analyze, and mitigate ransomware activities more effectively.