基于Android v.11的高效机器学习方法Ransomware检测

2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA) Pub Date : 2021-04-06 DOI:10.1109/CAIDA51941.2021.9425059

Iman M. Almomani, Aala Alkhayer, Mohanned Ahmed

{"title":"基于Android v.11的高效机器学习方法Ransomware检测","authors":"Iman M. Almomani, Aala Alkhayer, Mohanned Ahmed","doi":"10.1109/CAIDA51941.2021.9425059","DOIUrl":null,"url":null,"abstract":"Android ransomware is a threatening malware that is targeting individuals and enterprises. Many existing approaches suggested different ransomware detection solutions to protect users’ devices and data. These solutions used mainly static-based or dynamic-based analysis systems. However, the current solutions have considered only the old versions of Android platforms. In this paper, an efficient machine learning-based ransomware detection approach is proposed. This approach has studied deeply the latest version of Android (Version 11, API Level 30) to include the updated list of features including permissions and API packages calls that might be utilized by ransomware attacks. A new dataset was created after parsing 1000 apps to extract these features. Afterwards, different machine learning techniques were executed to generate different predictive models for Andoird ransomware. Some predictive models reached 98.3% of detection accuracy even after reducing around 26% of the overall features set.","PeriodicalId":272573,"journal":{"name":"2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA)","volume":"854 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"An Efficient Machine Learning-based Approach for Android v.11 Ransomware Detection\",\"authors\":\"Iman M. Almomani, Aala Alkhayer, Mohanned Ahmed\",\"doi\":\"10.1109/CAIDA51941.2021.9425059\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Android ransomware is a threatening malware that is targeting individuals and enterprises. Many existing approaches suggested different ransomware detection solutions to protect users’ devices and data. These solutions used mainly static-based or dynamic-based analysis systems. However, the current solutions have considered only the old versions of Android platforms. In this paper, an efficient machine learning-based ransomware detection approach is proposed. This approach has studied deeply the latest version of Android (Version 11, API Level 30) to include the updated list of features including permissions and API packages calls that might be utilized by ransomware attacks. A new dataset was created after parsing 1000 apps to extract these features. Afterwards, different machine learning techniques were executed to generate different predictive models for Andoird ransomware. Some predictive models reached 98.3% of detection accuracy even after reducing around 26% of the overall features set.\",\"PeriodicalId\":272573,\"journal\":{\"name\":\"2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA)\",\"volume\":\"854 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-04-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CAIDA51941.2021.9425059\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CAIDA51941.2021.9425059","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

安卓勒索软件是一种针对个人和企业的威胁性恶意软件。许多现有的方法提出了不同的勒索软件检测解决方案，以保护用户的设备和数据。这些解决方案主要使用基于静态或基于动态的分析系统。然而，目前的解决方案只考虑了旧版本的Android平台。本文提出了一种基于机器学习的高效勒索软件检测方法。这种方法深入研究了最新版本的Android(版本11,API Level 30)，包括可能被勒索软件攻击利用的权限和API包调用等更新的功能列表。在分析了1000个应用程序以提取这些特征后，创建了一个新的数据集。之后，使用不同的机器学习技术生成不同的andiird勒索软件预测模型。一些预测模型在减少了大约26%的总体特征集之后，仍然达到了98.3%的检测准确率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Efficient Machine Learning-based Approach for Android v.11 Ransomware Detection

Android ransomware is a threatening malware that is targeting individuals and enterprises. Many existing approaches suggested different ransomware detection solutions to protect users’ devices and data. These solutions used mainly static-based or dynamic-based analysis systems. However, the current solutions have considered only the old versions of Android platforms. In this paper, an efficient machine learning-based ransomware detection approach is proposed. This approach has studied deeply the latest version of Android (Version 11, API Level 30) to include the updated list of features including permissions and API packages calls that might be utilized by ransomware attacks. A new dataset was created after parsing 1000 apps to extract these features. Afterwards, different machine learning techniques were executed to generate different predictive models for Andoird ransomware. Some predictive models reached 98.3% of detection accuracy even after reducing around 26% of the overall features set.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA)

自引率

0.00%

发文量