Litcius/Paper detail

A Novel Machine Learning Cyber Approach for Detecting WannaLocker Ransomware Attack on Android Devices

Mahmoud AlJamal, Rabee Alquran, Issa Al-Aiash, Ala Mughaid, Shadi AlZu’bi, Ala A. Abutabanjeh

202323 citationsDOI

Abstract

The widespread use of Android mobile phones in recent years has increased the risk of vulnerabilities that attackers can exploit, potentially leading to malware downloads and system damage. This paper presents an effective solution utilizing Machine Learning (ML), a subset of artificial intelligence, to detect Wannalocker ransomware specifically targeting Android devices. To achieve this objective, we employed the CICAndMal2017 dataset with several modifications to make it suitable for ML analysis. These modifications included data normalization, label encoding, attribute name resolution, and addressing data imbalance through the Synthetic Minority Over-sampling Technique (SMOTE). Furthermore, we performed feature selection using three distinct methods and applied a voting principle to select the most frequently occurring attributes. The resulting dataset was then subjected to various classifiers, yielding exceptional classification accuracy compared to previous studies. Notably, the BayesNet classifier achieved an accuracy of 99.1%. These findings demonstrate the efficacy of the proposed ML-based approach in bol-stering Android device security against Wannalocker ransomware, providing a valuable contribution to the field of mobile device security

Topics & Concepts

Computer scienceRansomwareAndroid (operating system)ExploitMalwareMachine learningArtificial intelligenceFeature selectionAndroid malwareClassifier (UML)Mobile deviceNormalization (sociology)Computer securityData miningOperating systemSociologyAnthropologyAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSpam and Phishing Detection
A Novel Machine Learning Cyber Approach for Detecting WannaLocker Ransomware Attack on Android Devices | Litcius