期刊
COMPUTERS & ELECTRICAL ENGINEERING
卷 100, 期 -, 页码 -出版社
PERGAMON-ELSEVIER SCIENCE LTD
DOI: 10.1016/j.compeleceng.2022.107903
关键词
Android ransomware; Adversarial evasion attacks; Machine learning-based ensemble analysis; Attack mitigation; Ransomware detection
Ransomware poses a significant cybersecurity threat by extorting money from users through device and data lockout. This study proposes a hybrid approach that combines monitoring different features and utilizing ensemble machine learning analyzers to classify and detect ransomware behavior, aiming to mitigate adversarial evasion attacks.
Ransomware continues to pose a significant threat to cybersecurity by extorting money from users by locking their devices and personal data. The attackers force the payment of a ransom in order to restore access to personal files. Because of the structural similarity, detection of ransomware and benign applications becomes vulnerable to evasion attacks. Ensemble learning can provide countermeasures, while attackers can use the same technique to improve the effectiveness of their respective attacks. This motivates us to investigate whether the distinct ensemble method can achieve better performance when combined with the votingbased method. This research proposes a hybrid approach that examines permissions, text, and network-based features both statically and dynamically by monitoring memory usage, system call logs, and CPU usage. Ensemble machine learning analyzers on static and dynamic features extracted from Android malware applications (ransomware and non-ransomware) are then trained in the designed model. Our experimental results show that the proposed ensemble classification and detection technique can classify unknown static and dynamic ransomware behavior to mitigate adversarial evasion attacks.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据