Zhao Wei
Nanjing University of Science and Technology

Enhanced detection of android ransomware families using machine learning and network traffic analysis
Singh, Manmeet Mahinderjit; Selvaraj, Kalaivani; Wei, Zhao
Bulletin of Electrical Engineering and Informatics Vol 14, No 4: August 2025
Publisher: Institute of Advanced Engineering and Science

DOI: 10.11591/eei.v14i4.9485

Abstract

Ransomware attacks on Android devices often go undetected until damage occurs, as prevention strategies are limited by inconsistent threat detection and classification. This paper presents a framework for evaluating machine learning models to detect and classify Android ransomware families through network behavioral analysis. The framework extracts discriminative features from network traffic data and segregates them into four optimal clusters using the k-means clustering method. A total of 84 critical network traffic features are identified, including source IP, destination IP, source port, destination port, traffic duration, and the total number of forward and reverse packets. These optimal features are effectively utilized to train well-known machine learning models, including decision trees (DT), random forest (RF), K-nearest neighbors (KNN), support vector machines (SVM), and bagging, to evaluate their accuracy in classifying ransomware families. Simulation results demonstrate that RF achieves the best performance with an accuracy of 95.18%, precision of 95.21%, recall of 95.27%, and F1-score of 95.19%. This framework, focused on network behavioral analysis rather than static or dynamic analysis, provides deeper insights into the behavior and characteristics of ransomware.