RansomAnalysis: The Evolution and Investigation of Android Ransomware

Ransomware is not a Personal Computer (PC) problem anymore, but nowadays smartphones are also vulnerable to it. Various types of ransomware such as Android/Simplocker and Android/ Lockerpin attack Android OS to steal users’ personal information. In this paper, we present the evolution of Android ransomware and coin a term—RansomAnalysis—to perform the investigation of samples to analyze the AndroidManifest.xml file for the extraction of permissions. We perform a comparison between permissions gathered by ransomware and benign apps. Besides this, we analyze the topmost permissions used by Android ransomware.

[1]  Qingzhong Liu,et al.  Merging Permission and API Features for Android Malware Detection , 2016, 2016 5th IIAI International Congress on Advanced Applied Informatics (IIAI-AAI).

[2]  Jacques Klein,et al.  AndroZoo: Collecting Millions of Android Apps for the Research Community , 2016, 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR).

[3]  Ziming Zhao,et al.  Uncovering the Face of Android Ransomware: Characterization and Real-Time Detection , 2018, IEEE Transactions on Information Forensics and Security.

[4]  Patrick D. McDaniel,et al.  On lightweight mobile phone application certification , 2009, CCS.

[5]  Sotiris Ioannidis,et al.  REAPER: Real-time App Analysis for Augmenting the Android Permission System , 2019, CODASPY.

[6]  Steve Hanna,et al.  A survey of mobile malware in the wild , 2011, SPSM '11.

[7]  Konrad Rieck,et al.  DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[8]  Hahn-Ming Lee,et al.  DroidMat: Android Malware Detection through Manifest and API Calls Tracing , 2012, 2012 Seventh Asia Joint Conference on Information Security.

[9]  Gonzalo Álvarez,et al.  MAMA: MANIFEST ANALYSIS FOR MALWARE DETECTION IN ANDROID , 2013, Cybern. Syst..

[10]  Witawas Srisa-an,et al.  Significant Permission Identification for Machine-Learning-Based Android Malware Detection , 2018, IEEE Transactions on Industrial Informatics.