Android Ransomware Attacks Detection with Optimized Ensemble Learning

Android is the most widely used operating system for mobile devices and is the most common target of various cyber attacks. Ransomware is one of the most common and dangerous malware attacks among of different types of attacks. In the last few years, a sharp escalation of the ransomware attack is observed. Traditional ransomware detection techniques fail to rein in the rise of the ransomware attack. Recently, machine learning is increasingly used in detecting cyberattacks. However, the detection of various types of ransomware is largely overlooked. Even the Android ransomware detection accuracy of the existing solutions are highly limited. In this paper, we propose a machine learning technique for detecting various types of Android ransomware from traffic analysis. The objective is to attain a higher detection rate. To this end, we exploit an ensemble machine learning technique with optimized hyperparameters. The hyperparameters of the Bagging ensemble learning are optimized using the grid search. Through simulations, the proposed machine learning models are found to achieve up to 11% higher detection accuracy than the state-of-the-art solution. The pletor ransomware can be detected with the highest accuracy (95.29%), while the average detection accuracy is the lowest (74.09%) for koler among all the types of Android ransomware.