ARdetector: android ransomware detection framework
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Li, Dan | - |
dc.contributor.author | Shi, Wenbo | - |
dc.contributor.author | Lu, Ning | - |
dc.contributor.author | Lee, Sang-Su | - |
dc.contributor.author | Lee, Sokjoon | - |
dc.date.accessioned | 2024-04-05T12:30:19Z | - |
dc.date.available | 2024-04-05T12:30:19Z | - |
dc.date.issued | 2024-04 | - |
dc.identifier.issn | 0920-8542 | - |
dc.identifier.issn | 1573-0484 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/90894 | - |
dc.description.abstract | Ransomware has affected a broad range of public and private-sector organizations, and the impacts include direct and indirect financial loss (e.g., opportunity costs), reputational damage, legal implications, and physical consequences (e.g., fatalities). However, it has been challenging to accurately detect ransomware. For example, ransomware's behavioral characteristics differ from many other malicious applications, and it can be laborious to obtain representative features that can be used for machine learning training. In addition, the issue of the imbalanced dataset of minority and majority classes complicates efforts for machine learning models to learn the internal patterns of minority classes. In an effort for tackling such difficulties, we suggest an architecture regarding Android ransomware detection (hereafter referred to as ARdetector), which allows one to analyze the relationship between behav oral characteristics and other candidate features associated with ransomware to select more representative features. In addition, we design a deep neural network based on focal loss, which lowers the loss generated by the majority class. In our evaluations, we use two real-world datasets of different class proportions, and the findings show that the accuracy of the ARdetector on both datasets is over 99.00% when the imbalanced ratio is 6. Specifically, via the BMR dataset, the AUC as a synthetical categorizing assessment indicator reaches as high as 0.9625 at that ratio of 15. | - |
dc.format.extent | 28 | - |
dc.language | 영어 | - |
dc.language.iso | ENG | - |
dc.publisher | SPRINGER | - |
dc.title | ARdetector: android ransomware detection framework | - |
dc.type | Article | - |
dc.identifier.wosid | 001098740200007 | - |
dc.identifier.doi | 10.1007/s11227-023-05741-y | - |
dc.identifier.bibliographicCitation | JOURNAL OF SUPERCOMPUTING, v.80, no.6, pp 7557 - 7584 | - |
dc.description.isOpenAccess | N | - |
dc.identifier.scopusid | 2-s2.0-85176143769 | - |
dc.citation.endPage | 7584 | - |
dc.citation.startPage | 7557 | - |
dc.citation.title | JOURNAL OF SUPERCOMPUTING | - |
dc.citation.volume | 80 | - |
dc.citation.number | 6 | - |
dc.type.docType | Article | - |
dc.publisher.location | 네델란드 | - |
dc.subject.keywordAuthor | Android mobile | - |
dc.subject.keywordAuthor | Convolutional neural networks (CNN) | - |
dc.subject.keywordAuthor | Focal loss | - |
dc.subject.keywordAuthor | Imbalanced | - |
dc.subject.keywordAuthor | Ransomware | - |
dc.subject.keywordPlus | MALWARE DETECTION | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Hardware & Architecture | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Theory & Methods | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.