| Title | Real Time Android Ransomware Detection by Analyzed Android Applications |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Ko, Ju-Seong, Jo, Jeong-Seok, Kim, Deuk-Hun, Choi, Seul-Ki, Kwak, Jin |
| Conference Name | 2019 International Conference on Electronics, Information, and Communication (ICEIC) |
| Keywords | analyzed Android applications, android, Android (operating system), android encryption, cryptography, dynamic method, Encryption, Entropy, Human Behavior, invasive software, Metrics, mobile computing, Monitoring, New/Variant/Unknown Ransomware, PC environment, program diagnostics, pubcrawl, ransomware, real-time Android ransomware detection, real-time detection, Real-time Systems, realtime new ransomware detection, realtime unknown ransomware detection, realtime variant ransomware detection, Resiliency, Scalability, smart phones, static analysis, static method |
| Abstract | Recently, damage caused by ransomware has been increasing in PC and Android environments. There are many studies into real-time ransomware detection because the most important time to prevent encryption is before ransomware is able to execute its malicious process. Traditional analyses determine an application is ransomware or not by static/dynamic methods. Those analyses can serve as components of a method to detect ransomware in real time. However, problems can occur such as the inability to detect new/variant/unknown ransomware. These types require signed patches from a trusted party that can only be created after attacks occur. In a previous study into realtime new/variant/unknown ransomware detection in a PC environment, important files are monitored and only programs that have been previously analyzed and evaluated as nonmalicious are allowed. As such, programs that have not been analyzed are restricted from accessing important files. In an Android environment, this method can be applied using Android applications to prevent emerging threats and verify consistency with user intent. Thus, this paper proposes a method of detecting new/variant/unknown ransomware in real time in an Android environment. |
| DOI | 10.23919/ELINFOCOM.2019.8706349 |
| Citation Key | ko_real_2019 |
Real Time Android Ransomware Detection by Analyzed Android Applications