Nowadays mobile devices are widespread. Considering the plethora of private and sensitive information stored in smartphone and tablets, it is easy to understand the reason why attackers develop everyday more and more aggressive malicious payloads with the aim to exfiltrate our data. One of the last trend in mobile malware landascape is represented by the so-called ransomware, a threat capable to lock the user interface and to cipher the data of the mobile device under attack. In this paper we present a method based on structural entropy and fuzzy logic classification algorithms able to identify whether an application exhibits a ransomware behaviour. We obtain encouraging results evaluating a dataset composed of 10,052 (malware and legitimate) real-world Android applications.

A novel structural-entropy-based classification technique for supporting android ransomware detection and analysis

Mercaldo F.
2018-01-01

Abstract

Nowadays mobile devices are widespread. Considering the plethora of private and sensitive information stored in smartphone and tablets, it is easy to understand the reason why attackers develop everyday more and more aggressive malicious payloads with the aim to exfiltrate our data. One of the last trend in mobile malware landascape is represented by the so-called ransomware, a threat capable to lock the user interface and to cipher the data of the mobile device under attack. In this paper we present a method based on structural entropy and fuzzy logic classification algorithms able to identify whether an application exhibits a ransomware behaviour. We obtain encouraging results evaluating a dataset composed of 10,052 (malware and legitimate) real-world Android applications.
2018
978-1-5090-6020-7
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11695/128102
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 11
  • ???jsp.display-item.citation.isi??? ND
social impact