An Ensemble-based Supervised Machine Learning Framework for Android Ransomware Detection

With latest development in technology, the usage of smartphones to fulfill day-to-day requirements has been increased. The Android-based smartphones occupy the largest market share among other mobile operating systems. The hackers are continuously keeping an eye on Android-based smartphones by creating malicious apps housed with ransomware functionality for monetary purposes. Hackers lock the screen and/or encrypt the documents of the victim's Android based smartphones after performing ransomware attacks. Thus, in this paper, a framework has been proposed in which we (1) utilize novel features of Android ransomware, (2) reduce the dimensionality of the features, (3) employ an ensemble learning model to detect Android ransomware, and (4) perform a comparative analysis to calculate the computational time required by machine learning models to detect Android ransomware. Our proposed framework can efficiently detect both locker and crypto ransomware. The experimental results reveal that the proposed framework detects Android ransomware by achieving an accuracy of 99.67% with Random Forest ensemble model. After reducing the dimensionality of the features with principal component analysis technique; the Logistic Regression model took least time to execute on the Graphics Processing Unit (GPU) and Central Processing Unit (CPU) in 41 milliseconds and 50 milliseconds respectively.