Ransomware Detection System Based on Machine Learning

Ransomware Detection System Based on Machine Learning

In every day, there is a great growth of the Internet and smart devices connected to the network. On the other hand, there is an increasing in number of malwares that attacks networks, devices, systems and apps. One of the biggest threats and newest attacks in cybersecurity is Ransom Software (Ranso...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Omar Ahmed, Omar Al-Dabbagh
Formato: article
Lenguaje:AR
EN
Publicado: College of Education for Pure Sciences 2021
Materias:
malware,,
,،,؛ransomware,,
,،,؛static and dynamic analysis,,
,،,؛network traffic,,
,،,؛ml algorithms
Education
L
Science (General)
Q1-390
Acceso en línea:https://doaj.org/article/6ba065d614084de5b410b21616fcf49c
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:6ba065d614084de5b410b21616fcf49c
record_format dspace
spelling oai:doaj.org-article:6ba065d614084de5b410b21616fcf49c2021-12-01T14:54:26ZRansomware Detection System Based on Machine Learning1812-125X2664-253010.33899/edusj.2021.130760.1173https://doaj.org/article/6ba065d614084de5b410b21616fcf49c2021-12-01T00:00:00Zhttps://edusj.mosuljournals.com/article_169020_42fe53102bf4e09a04af71bf83c95bfb.pdfhttps://doaj.org/toc/1812-125Xhttps://doaj.org/toc/2664-2530In every day, there is a great growth of the Internet and smart devices connected to the network. On the other hand, there is an increasing in number of malwares that attacks networks, devices, systems and apps. One of the biggest threats and newest attacks in cybersecurity is Ransom Software (Ransomware). Although there is a lot of research on detecting malware using machine learning (ML), only a few focuses on ML-based ransomware detection. Especially attacks targeting smartphone operating systems (e.g., Android) and applications. In this research, a new system was proposed to protect smartphones from malicious apps through monitoring network traffic. Six ML methods (Random Forest (RF), k-Nearest Neighbors (k-NN), Multi-Layer Perceptron (MLP), Decision tree (DT), Logistic Regression (LR), and eXtreme Gradient Boosting (XGB)) are applied on CICAndMal2017 dataset which consists of benign and various kinds of android malware samples. A 603288 benign and ransomware samples were extracted from this collection. Ransomware samples are collected from 10 different families. Several types of feature selection techniques have been used on the dataset. Finally, seven performance metrics were used to determine the best one of feature selection and ML classifiers for ransomware detection. The experiments results imply that DT and XGB outperforms other classifiers with best detection accuracy are more than (99.30%) and (99.20%) for (DT) and (XGB) respectively.Omar AhmedOmar Al-DabbaghCollege of Education for Pure Sciencesarticlemalware,,,،,؛ransomware,,,،,؛static and dynamic analysis,,,،,؛network traffic,,,،,؛ml algorithmsEducationLScience (General)Q1-390ARENمجلة التربية والعلم, Vol 30, Iss 5, Pp 86-102 (2021)
institution DOAJ
collection DOAJ
language AR
EN
topic malware,,
,،,؛ransomware,,
,،,؛static and dynamic analysis,,
,،,؛network traffic,,
,،,؛ml algorithms
Education
L
Science (General)
Q1-390
spellingShingle malware,,
,،,؛ransomware,,
,،,؛static and dynamic analysis,,
,،,؛network traffic,,
,،,؛ml algorithms
Education
L
Science (General)
Q1-390
Omar Ahmed
Omar Al-Dabbagh
Ransomware Detection System Based on Machine Learning
description In every day, there is a great growth of the Internet and smart devices connected to the network. On the other hand, there is an increasing in number of malwares that attacks networks, devices, systems and apps. One of the biggest threats and newest attacks in cybersecurity is Ransom Software (Ransomware). Although there is a lot of research on detecting malware using machine learning (ML), only a few focuses on ML-based ransomware detection. Especially attacks targeting smartphone operating systems (e.g., Android) and applications. In this research, a new system was proposed to protect smartphones from malicious apps through monitoring network traffic. Six ML methods (Random Forest (RF), k-Nearest Neighbors (k-NN), Multi-Layer Perceptron (MLP), Decision tree (DT), Logistic Regression (LR), and eXtreme Gradient Boosting (XGB)) are applied on CICAndMal2017 dataset which consists of benign and various kinds of android malware samples. A 603288 benign and ransomware samples were extracted from this collection. Ransomware samples are collected from 10 different families. Several types of feature selection techniques have been used on the dataset. Finally, seven performance metrics were used to determine the best one of feature selection and ML classifiers for ransomware detection. The experiments results imply that DT and XGB outperforms other classifiers with best detection accuracy are more than (99.30%) and (99.20%) for (DT) and (XGB) respectively.
format article
author Omar Ahmed
Omar Al-Dabbagh
author_facet Omar Ahmed
Omar Al-Dabbagh
author_sort Omar Ahmed
title Ransomware Detection System Based on Machine Learning
title_short Ransomware Detection System Based on Machine Learning
title_full Ransomware Detection System Based on Machine Learning
title_fullStr Ransomware Detection System Based on Machine Learning
title_full_unstemmed Ransomware Detection System Based on Machine Learning
title_sort ransomware detection system based on machine learning
publisher College of Education for Pure Sciences
publishDate 2021
url https://doaj.org/article/6ba065d614084de5b410b21616fcf49c
work_keys_str_mv AT omarahmed ransomwaredetectionsystembasedonmachinelearning
AT omaraldabbagh ransomwaredetectionsystembasedonmachinelearning
_version_ 1718404875956518912

Ejemplares similares