

HelDroid: Dissecting and Detecting Mobile Ransomware

8 years 10 months ago
HelDroid: Dissecting and Detecting Mobile Ransomware
In ransomware attacks, the actual target is the human, as opposed to the classic attacks that abuse the infected devices (e.g., botnet renting, information stealing). Mobile devices are by no means immune to ransomware attacks. However, there is little research work on this matter and only traditional protections are available. Even state-of-the-art mobile malware detection approaches are ineffective against ransomware apps because of the subtle attack scheme. As a consequence, the ample attack surface formed by the billion mobile devices is left unprotected. First, in this work we summarize the results of our analysis of the existing mobile ransomware families, describing their common characteristics. Second, we present HelDroid, a fast, efficient and fully automated approach that recognizes known and unknown scareware and ransomware samples from goodware. Our approach is based on detecting the “building blocks” that are typically needed to implement a mobile ransomware applicati...
Nicoló Andronio, Stefano Zanero, Federico M
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where RAID
Authors Nicoló Andronio, Stefano Zanero, Federico Maggi
Comments (0)