| Title | Analysis and Detection of Android Ransomware for Custom Encryption |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Jiao, Jian, Zhao, Haini, Liu, Yong |
| Conference Name | 2021 IEEE 4th International Conference on Computer and Communication Engineering Technology (CCET) |
| Keywords | android, android encryption, API, Bait file, Conferences, custom encryption, Encryption, Entropy, Human Behavior, information entropy, Metrics, pubcrawl, ransomware, resilience, Resiliency, Scalability |
| Abstract | At present, the detection of encrypted ransomware under the Android platform mainly relies on analyzing the API call of the encryption function. But for ransomware that uses a custom encryption algorithm, the method will be invalid. This article analyzed the files before and after encryption by the ransomware, and found that there were obvious changes in the information entropy and file name of the files. Based on this, this article proposed a detection method for encrypted ransomware under the Android platform. Through pre-setting decoy files and the characteristic judgment before and after the execution of the sample to be tested, completed the detection and judgment of the ransomware. Having tested 214 samples, this method can be porved to detect encrypted ransomware accurately under the Android platform, with an accuracy rate of 98.24%. |
| DOI | 10.1109/CCET52649.2021.9544366 |
| Citation Key | jiao_analysis_2021 |
Analysis and Detection of Android Ransomware for Custom Encryption