RanDroid: Structural Similarity Approach for Detecting Ransomware Applications in Android Platform | IEEE Conference Publication | IEEE Xplore

RanDroid: Structural Similarity Approach for Detecting Ransomware Applications in Android Platform


Abstract:

The worldwide epidemic of ransomware monetary gains has grown astonishingly. This crimeware form is emerged to extort innocent users under the threat of locking their dev...Show More

Abstract:

The worldwide epidemic of ransomware monetary gains has grown astonishingly. This crimeware form is emerged to extort innocent users under the threat of locking their devices and/or encrypting their files. To mitigate the growth of ransomware attacks, cybersecurity researchers have proposed various solutions based on the functionalities of those attacks. However, this polymorphic type is kept refined to increase the appearance of new families and survive against mitigation approaches. This paper introduces RanDroid, a new automated lightweight approach for detecting ransomware variants in Android platform by measuring the structural similarity between a set of collected information from an inspected application and a set of predefined threatening information collected from known ransomware variants. Furthermore, RanDroid performs a linguistic analysis on the app's code as well as image textural strings to enhance further revelation. RanDroid was evaluated using 950 ransomware samples. In addition, this approach is capable of extracting threatening messages from samples that use evasion techniques such as sophisticated codes or dynamic payloads.
Date of Conference: 03-05 May 2018
Date Added to IEEE Xplore: 21 October 2018
ISBN Information:

ISSN Information:

Conference Location: Rochester, MI, USA

References

References is not available for this document.