Salvatore Mario Carta

UniCa About Professors and Researchers Salvatore Mario Carta Research Research outcomes (IRIS)

Salvatore Mario Carta

R-PackDroid: API package-based characterization and detection of mobile ransomware

MAIORCA, DAVIDE;Mercaldo, Francesco;GIACINTO, GIORGIO;Visaggio, Corrado Aaron;Martinelli, Fabio

2017-01-01

Abstract

Ransomware has become a serious and concrete threat for mobile platforms and in particular for Android. In this paper, we propose R-PackDroid, a machine learning system for the detection of Android ransomware. Differently to previous works, we leverage information extracted from system API packages, which allow to characterize applications without specific knowledge of user-defined content such as the application language or strings. Results attained on very recent data show that it is possible to detect Android ransomware and to distinguish it from generic malware with very high accuracy. Moreover, we used R-PackDroid to flag applications that were detected as ransomware with very low confidence by the VirusTotal service. In this way, we were able to correctly distinguish true ransomware from false positives, thus providing valuable help for the analysis of these malicious applications.

Short Card

Tab complete

Full Sheet(DC)

         Anno 
       
        2017 
       
         Lingua/e 
       
        Inglese 
       
         Titolo del Volume 
       
        SAC '17: Proceedings of the Symposium on Applied Computing 
       
         Codice ISBN 
       
        9781450344869 
       
         Nome Editore 
       
        ACM 
       
         Nazionalità Editore 
       
        STATI UNITI D'AMERICA 
       
         Da pagina 
       
        1718 
       
         A pagina 
       
        1723 
       
         Numero di pagine 
       
        6 
       
         Codice DOI 
       
        https://dx.doi.org/10.1145/3019612.3019793 
       
         Codice Scopus 
       
        2-s2.0-85020890980 
       
         Titolo del convegno 
       
        32nd Annual ACM Symposium on Applied Computing, SAC 2017 
       
         Relazione 
       
        Contributo 
       
         Referee 
       
        Esperti anonimi 
       
         Periodo del Convegno 
       
        3-7 Aprile 2017 
       
         Luogo del Convegno 
       
        Marrakech, Morocco 
       
         Rilevanza del Convegno 
       
        internazionale 
       
         Caratterizzazione prevalente 
       
        scientifica 
       
         Presenza di coautori internazionali 
       
        no 
       
         Tipologia 
       
        4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno 
       
         Tutti gli autori 
       
        Maiorca, Davide; Mercaldo, Francesco; Giacinto, Giorgio; Visaggio, Corrado Aaron; Martinelli, Fabio
         
         Tipologia sito docente 
       
        273 
       
         Numero autori 
       
        5 
       
         Tipologia 
       
        4.1 Contributo in Atti di convegno 
       
         Fulltext 
       
        reserved 
       
         Tipologia 
       
        info:eu-repo/semantics/conferencePaper 
       
         Type: 
       
        4.1 Contributo in Atti di convegno

Files in This Item:

File	Size	Format
SAC2017-R-PackDroid-printed.pdf Solo gestori archivio Type: versione editoriale Size 726.01 kB Format Adobe PDF & nbsp; View / Open Request a copy	726.01 kB	Adobe PDF	& nbsp; View / Open Request a copy

University of Cagliari

University of Cagliari