
01-06-2024

Enhanced Android Ransomware Detection Through Hybrid Simultaneous Swarm-Based Optimization

Authors: Moutaz Alazab, Ruba Abu Khurma, David Camacho, Alejandro Martín

Published in: Cognitive Computation | Issue 5/2024

Abstract

Ransomware is a significant security threat that poses a serious risk to the security of smartphones, and its impact on portable devices has been extensively discussed in a number of research papers. In recent times, this threat has witnessed a significant increase, causing substantial losses for both individuals and organizations. The emergence and widespread occurrence of diverse forms of ransomware present a significant impediment to the pursuit of reliable security measures that can effectively combat them. This constitutes a formidable challenge due to the dynamic nature of ransomware, which renders traditional security protocols inadequate, as they might have a high false alarm rate and exert significant processing demands on mobile devices that are restricted by limited battery life, CPU, and memory. This paper proposes a novel intelligent method for detecting ransomware that is based on a hybrid multi-solution binary JAYA algorithm with a single-solution simulated annealing (SA). The primary objective is to leverage the exploitation power of SA in supporting the exploration power of the binary JAYA algorithm. This approach results in a better balance between global and local search milestones. The empirical results of our research demonstrate the superiority of the proposed SMO-BJAYA-SA-SVM method over other algorithms based on the evaluation measures used. The proposed method achieved an accuracy rate of 98.7%, a precision of 98.6%, a recall of 98.7%, and an F1 score of 98.6%. Therefore, we believe that our approach is an effective method for detecting ransomware on portable devices. It has the potential to provide a more reliable and efficient solution to this growing security threat.
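The hybrid described in the abstract, a population-based binary JAYA search whose leading solution is refined by simulated annealing, is sketched below as an added example; it is not the authors' code. The toy data, the nearest-centroid classifier standing in for the SVM, the sigmoid transfer function, the fitness weighting and all function names are assumptions made for illustration.

```python
import math, random

def make_data(rng, n=120, d=12, informative=(0, 3, 7)):
    """Constructed toy set: label 1 = ransomware; only `informative` columns carry signal."""
    y = [i % 2 for i in range(n)]
    return [[rng.gauss(0, 1) + 2.5 * t * (j in informative) for j in range(d)] for t in y], y

def fitness(mask, X, y, alpha=0.99):
    """Lower is better: training error of a nearest-centroid stand-in for the SVM, plus kept-feature ratio."""
    idx = [j for j, m in enumerate(mask) if m]
    if not idx: return 1.0  # an empty feature subset cannot classify anything
    cent = [[sum(x[j] for x, t in zip(X, y) if t == c) / y.count(c) for j in idx] for c in (0, 1)]
    dist = lambda x, c: sum((x[j] - m) ** 2 for j, m in zip(idx, cent[c]))
    wrong = sum((dist(x, 1) < dist(x, 0)) != bool(t) for x, t in zip(X, y))
    return alpha * wrong / len(X) + (1 - alpha) * len(idx) / len(mask)

def jaya_step(pop, fits, X, y, rng):
    """Binary JAYA: move toward the best mask and away from the worst, then binarise."""
    best, worst = pop[fits.index(min(fits))], pop[fits.index(max(fits))]
    for i, x in enumerate(pop):
        v = [xj + rng.random() * (b - abs(xj)) - rng.random() * (w - abs(xj)) for xj, b, w in zip(x, best, worst)]
        cand = [int(rng.random() < 1 / (1 + math.exp(-vj))) for vj in v]  # sigmoid transfer (assumed)
        f = fitness(cand, X, y)
        if f < fits[i]:  # greedy acceptance, as in standard JAYA
            pop[i], fits[i] = cand, f

def anneal(mask, f, X, y, rng, temp=0.1, cooling=0.9, steps=40):
    """SA local search: single bit flips around one solution; returns the best mask seen."""
    cur, cur_f, best, best_f = mask[:], f, mask[:], f
    for _ in range(steps):
        nb = cur[:]
        nb[rng.randrange(len(nb))] ^= 1
        nf = fitness(nb, X, y)
        if nf < cur_f or rng.random() < math.exp((cur_f - nf) / temp):
            cur, cur_f = nb, nf
            if cur_f < best_f:
                best, best_f = cur[:], cur_f
        temp *= cooling
    return best, best_f

def select_features(X, y, seed=7, pop_size=10, iters=15):
    rng, d = random.Random(seed), len(X[0])
    pop = [[1] * d] + [[rng.randint(0, 1) for _ in range(d)] for _ in range(pop_size - 1)]
    fits = [fitness(m, X, y) for m in pop]
    for _ in range(iters):
        jaya_step(pop, fits, X, y, rng)  # exploration over the whole population
        b = fits.index(min(fits))
        pop[b], fits[b] = anneal(pop[b], fits[b], X, y, rng)  # exploitation around the leader
    return pop[fits.index(min(fits))], min(fits)
```

Calling `select_features(*make_data(random.Random(1)))` returns the selected feature mask and its fitness. The population is seeded with the all-features mask, so the result is never worse than using every feature.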

Metadata
Title
Enhanced Android Ransomware Detection Through Hybrid Simultaneous Swarm-Based Optimization
Authors
Moutaz Alazab
Ruba Abu Khurma
David Camacho
Alejandro Martín
Publication date
01-06-2024
Publisher
Springer US
Published in
Cognitive Computation / Issue 5/2024
Print ISSN: 1866-9956
Electronic ISSN: 1866-9964
DOI
https://doi.org/10.1007/s12559-024-10301-4
