Behavioral based detection of android ransomware using machine learning techniques

After the pandemic, the whole world is transforming digital, due to the increased usage of handheld devices like smartphones and due to the evolution of the internet. All the transactions are becoming online. The security at end devices is an important issue to everyone. We believe that the data in transit is more secure, but in reality this is not true. The data are in the hands of bad actors for malicious activities. Android ransomware is one of the most widely distributed assaults throughout the world. It is a type of virus that prevents users from accessing the operating system and encrypts the essential data saved on their device. This work focuses on thorough assessment and detection of android ransomware application using machine learning methods. After a thorough analysis of existing mechanisms of android ransomware detection, we found that the combination of static behaviour with machine learning techniques can detect android ransomware with good accuracy. We have analysed 3572 samples of ransomware applications and 3628 samples of benign applications of various family. For classification, the decision tree, random forest, extra tree classifier, light gradient boosting machine methods are selected from the pool of classifier. The dataset was obtained from Kaggle, which is an open source dataset repository. The suggested model outperforms with a detection accuracy of 98.05%. Based on its best performance, we believe our suggested approach will be useful in ransomware and forensic investigation.