Ransomware detection system based on machine learning
Other Title(s)
نظام الكشف عن برامج الفدية المستند إلى التعليم الآلي
Joint Authors
Ahmad, Umar Shamil
al-Dabbagh, Umar Abd al-Minam Ibrahim
Source
al-Tarbiyah wa-al-Ilm : Majallat ilmiyah lil-Buhuth al-Ilmiyah al-Asasiyah
Issue
Vol. 30, Issue 5 (31 May. 2021), pp.86-102, 17 p.
Publisher
University of Mosul College of Education for Pure Science
Publication Date
2021-05-31
Country of Publication
Iraq
No. of Pages
17
Main Subjects
Information Technology and Computer Science
Topics
Abstract EN
In every day, there is a great growth of the Internet and smart devices connected to the network.
On the other hand, there is an increasing in number of malwares that attacks networks, devices, systems and apps.
One of the biggest threats and newest attacks in cybersecurity is Ransom Software (Ransomware).
Although there is a lot of research on detecting malware using machine learning (ML), only a few focuses on ML-based ransomware detection.
Especially attacks targeting smartphone operating systems (e.
g.
, Android) and applications.
In this research, a new system was proposed to protect smartphones from malicious apps through monitoring network traffic.
Six ML methods (Random Forest (RF), k-Nearest Neighbors (k-NN), Multi-Layer Perceptron (MLP), Decision tree (DT), Logistic Regression (LR), and eXtreme Gradient Boosting (XGB)) are applied on CICAndMal2017 dataset which consists of benign and various kinds of android malware samples.
A 603288 benign and ransomware samples were extracted from this collection.
Ransomware samples are collected from 10 different families.
Several types of feature selection techniques have been used on the dataset.
Finally, seven performance metrics were used to determine the best one of feature selection and ML classifiers for ransomware detection.
The experiments results imply that DT and XGB outperforms other classifiers with best detection accuracy are more than (99.30% ) and (99.20% ) for (DT) and (XGB) respectively.
In every day, there is a great growth of the Internet and smart devices connected to the network.
On the other hand, there is an increasing in number of malwares that attacks networks, devices, systems and apps.
One of the biggest threats and newest attacks in cybersecurity is Ransom Software (Ransomware).
Although there is a lot of research on detecting malware using machine learning (ML), only a few focuses on ML-based ransomware detection.
Especially attacks targeting smartphone operating systems (e.
g.
, Android) and applications.
In this research, a new system was proposed to protect smartphones from malicious apps through monitoring network traffic.
Six ML methods (Random Forest (RF), k-Nearest Neighbors (k-NN), Multi-Layer Perceptron (MLP), Decision tree (DT), Logistic Regression (LR), and eXtreme Gradient Boosting (XGB)) are applied on CICAndMal2017 dataset which consists of benign and various kinds of android malware samples.
A 603288 benign and ransomware samples were extracted from this collection.
Ransomware samples are collected from 10 different families.
Several types of feature selection techniques have been used on the dataset.
Finally, seven performance metrics were used to determine the best one of feature selection and ML classifiers for ransomware detection.
The experiments results imply that DT and XGB outperforms other classifiers with best detection accuracy are more than (99.30% ) and (99.20% ) for (DT) and (XGB) respectively.
American Psychological Association (APA)
Ahmad, Umar Shamil& al-Dabbagh, Umar Abd al-Minam Ibrahim. 2021. Ransomware detection system based on machine learning. al-Tarbiyah wa-al-Ilm : Majallat ilmiyah lil-Buhuth al-Ilmiyah al-Asasiyah،Vol. 30, no. 5, pp.86-102.
https://search.emarefa.net/detail/BIM-1302556
Modern Language Association (MLA)
Ahmad, Umar Shamil& al-Dabbagh, Umar Abd al-Minam Ibrahim. Ransomware detection system based on machine learning. al-Tarbiyah wa-al-Ilm : Majallat ilmiyah lil-Buhuth al-Ilmiyah al-Asasiyah Vol. 30, no. 5 (2021), pp.86-102.
https://search.emarefa.net/detail/BIM-1302556
American Medical Association (AMA)
Ahmad, Umar Shamil& al-Dabbagh, Umar Abd al-Minam Ibrahim. Ransomware detection system based on machine learning. al-Tarbiyah wa-al-Ilm : Majallat ilmiyah lil-Buhuth al-Ilmiyah al-Asasiyah. 2021. Vol. 30, no. 5, pp.86-102.
https://search.emarefa.net/detail/BIM-1302556
Data Type
Journal Articles
Language
English
Notes
-
Record ID
BIM-1302556