01.06.2024

Enhanced Android Ransomware Detection Through Hybrid Simultaneous Swarm-Based Optimization

Authors: Moutaz Alazab, Ruba Abu Khurma, David Camacho, Alejandro Martín

Published in: Cognitive Computation | Issue 5/2024


Abstract

Ransomware is a significant security threat that poses a serious risk to the security of smartphones, and its impact on portable devices has been extensively discussed in a number of research papers. In recent times, this threat has witnessed a significant increase, causing substantial losses for both individuals and organizations. The emergence and widespread occurrence of diverse forms of ransomware present a significant impediment to the pursuit of reliable security measures that can effectively combat them. This constitutes a formidable challenge due to the dynamic nature of ransomware, which renders traditional security protocols inadequate, as they might have a high false alarm rate and exert significant processing demands on mobile devices that are restricted by limited battery life, CPU, and memory. This paper proposes a novel intelligent method for detecting ransomware that is based on a hybrid multi-solution binary JAYA algorithm with a single-solution simulated annealing (SA). The primary objective is to leverage the exploitation power of SA in supporting the exploration power of the binary JAYA algorithm. This approach results in a better balance between global and local search milestones. The empirical results of our research demonstrate the superiority of the proposed SMO-BJAYA-SA-SVM method over other algorithms based on the evaluation measures used. The proposed method achieved an accuracy rate of 98.7%, a precision of 98.6%, a recall of 98.7%, and an F1 score of 98.6%. Therefore, we believe that our approach is an effective method for detecting ransomware on portable devices. It has the potential to provide a more reliable and efficient solution to this growing security threat.
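
A minimal sketch of the kind of wrapper feature selection the abstract describes, added here as an illustration and not taken from the paper: a population of binary feature masks is updated with a JAYA-style move, and the current best mask is then refined by simulated annealing. The nearest-centroid classifier (standing in for the SVM), the sigmoid transfer function, the cost weights, the cooling schedule and the constructed data are all assumptions.

```python
import math, random

def make_data(rng, n=120, d=12, informative=3):
    """Constructed sample data: the first `informative` columns separate the classes."""
    y = [i % 2 for i in range(n)]
    X = [[rng.gauss(4.0 * c if j < informative else 0.0, 1.0) for j in range(d)] for c in y]
    return X, y

def fitness(mask, X, y, alpha=0.99):
    """Wrapper cost (lower is better); nearest-centroid is an assumed stand-in for the SVM."""
    cols = [j for j, b in enumerate(mask) if b]
    if not cols:
        return 1.0                          # an empty mask is the worst possible choice
    half = len(X) // 2                      # first half trains, second half tests
    cent = {c: [sum(X[i][j] for i in range(half) if y[i] == c) / y[:half].count(c)
                for j in cols] for c in (0, 1)}
    wrong = 0
    for i in range(half, len(X)):
        dist = {c: sum((X[i][j] - m) ** 2 for j, m in zip(cols, cent[c])) for c in (0, 1)}
        wrong += min(dist, key=dist.get) != y[i]
    return alpha * wrong / (len(X) - half) + (1 - alpha) * len(cols) / len(mask)

def jaya_sa(X, y, pop=8, iters=15, seed=1, T=0.1, cool=0.9):
    """Binary JAYA over feature masks, with SA refinement of the best mask each round."""
    rng, d = random.Random(seed), len(X[0])
    P = [[rng.randint(0, 1) for _ in range(d)] for _ in range(pop)]
    F = [fitness(m, X, y) for m in P]
    start = min(F)                          # best cost in the initial population
    for _ in range(iters):
        best, worst = P[F.index(min(F))], P[F.index(max(F))]
        for k in range(pop):                # JAYA step: toward best, away from worst
            v = [P[k][j] + rng.random() * (best[j] - P[k][j])
                 - rng.random() * (worst[j] - P[k][j]) for j in range(d)]
            cand = [int(rng.random() < 1 / (1 + math.exp(-x))) for x in v]  # sigmoid transfer
            fc = fitness(cand, X, y)
            if fc < F[k]:                   # greedy acceptance
                P[k], F[k] = cand, fc
        b = F.index(min(F))
        cur, fcur = P[b][:], F[b]
        for _ in range(d):                  # SA step: single-bit flips around the best
            nb = cur[:]
            nb[rng.randrange(d)] ^= 1
            fn = fitness(nb, X, y)
            if fn < fcur or rng.random() < math.exp((fcur - fn) / T):
                cur, fcur = nb, fn          # worse moves pass with probability exp(-delta/T)
                if fcur < F[b]:
                    P[b], F[b] = cur[:], fcur
        T *= cool
    return P[F.index(min(F))], min(F), start
```

Calling `jaya_sa(*make_data(random.Random(0)))` returns the selected mask, its cost and the best cost of the initial population; the second term of the cost is what pushes the search toward smaller feature sets, which matters for the resource limits on mobile devices that the abstract mentions.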

Metadata
Publisher
Springer US
Print ISSN: 1866-9956
Electronic ISSN: 1866-9964
DOI
https://doi.org/10.1007/s12559-024-10301-4