Mobile Ransomware Detection Leveraging Swarm Intelligence and Machine Learning: A KELM-Based Approach

Read the full article See related articles

Listed in

This article is not in any list yet, why not save it to one of your lists.
Log in to save this article

Abstract

Mobile dependence amplifies privacy risks associated with advanced malware threats such as ransomware, Trojan horses, botnet and spyware. Ransomware, in particular, encrypts those portable devices, demanding payment for access, presenting a critical challenge for user privacy, economic stability, and corporate trust. This paper proposes an effective strategy leveraging machine learning and swarm intelligence. Our strategy incorporates the Kernel Extreme Learning Machine (KELM) for efficient data processing and a Sand Cat Swarm Optimization (SCSO) algorithm for optimal parameter selection. The paper also highlights the most important features for accurate detection and shows the potential risks associated with these threats, such as unauthorized access to personal information , changes to phone and network data, and gaining deep control over the device. While the KELM algorithm is used to classify the mobile applications (apps) as either ransomware or non-ransomware, the SCSO functionality looks for the best features and ideal values for the KELM hyperparameters. To evaluate the effectiveness of the proposed system, we used a dataset comprising 1000 real-world samples collected from diverse platforms including Koodous, Virus Total, HelDroid, and RansomProper security projects, as well as benign applications obtained from the official Google Play Store. The experiments were then divided into two parts: the evaluation of the SCSO swarm size and the inquiries into the hybridization of the logarithmic operator. To identify ransomware, the optimal SCSO version with the KELM is utilized, and its efficacy is contrasted with other traditional machine learning methods. When compared to other algorithms, the suggested (SCSO-KELM) performs better in terms of several evaluation metrics, including promising convergence characteristics. The proposed method outperforms others in various metrics.

Article activity feed