{"id":"https://openalex.org/W4386249878","doi":"https://doi.org/10.1109/icit58056.2023.10226130","title":"A Novel Machine Learning Cyber Approach for Detecting WannaLocker Ransomware Attack on Android Devices","display_name":"A Novel Machine Learning Cyber Approach for Detecting WannaLocker Ransomware Attack on Android Devices","publication_year":2023,"publication_date":"2023-08-09","ids":{"openalex":"https://openalex.org/W4386249878","doi":"https://doi.org/10.1109/icit58056.2023.10226130"},"language":"en","primary_location":{"id":"doi:10.1109/icit58056.2023.10226130","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icit58056.2023.10226130","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Conference on Information Technology (ICIT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5108886731","display_name":"Mahmoud AlJamal","orcid":null},"institutions":[{"id":"https://openalex.org/I157392197","display_name":"Hashemite University","ror":"https://ror.org/04a1r5z94","country_code":"JO","type":"education","lineage":["https://openalex.org/I157392197"]}],"countries":["JO"],"is_corresponding":true,"raw_author_name":"Mahmoud AlJamal","raw_affiliation_strings":["Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133"],"affiliations":[{"raw_affiliation_string":"Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133","institution_ids":["https://openalex.org/I157392197"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092027176","display_name":"Rabee Alquran","orcid":"https://orcid.org/0009-0006-2992-5404"},"institutions":[{"id":"https://openalex.org/I157392197","display_name":"Hashemite University","ror":"https://ror.org/04a1r5z94","country_code":"JO","type":"education","lineage":["https://openalex.org/I157392197"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Rabee Alquran","raw_affiliation_strings":["Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133"],"affiliations":[{"raw_affiliation_string":"Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133","institution_ids":["https://openalex.org/I157392197"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092815522","display_name":"Issa Al-Aiash","orcid":"https://orcid.org/0009-0003-9297-6704"},"institutions":[{"id":"https://openalex.org/I157392197","display_name":"Hashemite University","ror":"https://ror.org/04a1r5z94","country_code":"JO","type":"education","lineage":["https://openalex.org/I157392197"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Issa AL-Aiash","raw_affiliation_strings":["Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133"],"affiliations":[{"raw_affiliation_string":"Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133","institution_ids":["https://openalex.org/I157392197"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038179267","display_name":"Ala Mughaid","orcid":"https://orcid.org/0000-0002-1298-6933"},"institutions":[{"id":"https://openalex.org/I157392197","display_name":"Hashemite University","ror":"https://ror.org/04a1r5z94","country_code":"JO","type":"education","lineage":["https://openalex.org/I157392197"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Ala Mughaid","raw_affiliation_strings":["Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133"],"affiliations":[{"raw_affiliation_string":"Al-Hussien bin Abdullah for IT The Hashemite University,Faculty of Prince,Department of Information Technology,Zarqa,Jordan,13133","institution_ids":["https://openalex.org/I157392197"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032974396","display_name":"Shadi AlZu\u2019bi","orcid":"https://orcid.org/0000-0003-4173-2323"},"institutions":[{"id":"https://openalex.org/I145019703","display_name":"Al-Zaytoonah University of Jordan","ror":"https://ror.org/04a5b0p13","country_code":"JO","type":"education","lineage":["https://openalex.org/I145019703"]}],"countries":["JO"],"is_corresponding":false,"raw_author_name":"Shadi AlZu'bi","raw_affiliation_strings":["Al Zaytoonah University of Jordan,Computer Science Department,Amman,Jordan","Computer Science Department, Al Zaytoonah University of Jordan, Amman, Jordan"],"affiliations":[{"raw_affiliation_string":"Al Zaytoonah University of Jordan,Computer Science Department,Amman,Jordan","institution_ids":["https://openalex.org/I145019703"]},{"raw_affiliation_string":"Computer Science Department, Al Zaytoonah University of Jordan, Amman, Jordan","institution_ids":["https://openalex.org/I145019703"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5092815523","display_name":"Ala A. Abutabanjeh","orcid":null},"institutions":[{"id":"https://openalex.org/I19406000","display_name":"Concordia University Chicago","ror":"https://ror.org/02jvqj155","country_code":"US","type":"education","lineage":["https://openalex.org/I19406000"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ala A. Abutabanjeh","raw_affiliation_strings":["Concordia University,Department of Business Administration,Chicago,IL","Department of Business Administration, Concordia University, Chicago, IL"],"affiliations":[{"raw_affiliation_string":"Concordia University,Department of Business Administration,Chicago,IL","institution_ids":["https://openalex.org/I19406000"]},{"raw_affiliation_string":"Department of Business Administration, Concordia University, Chicago, IL","institution_ids":["https://openalex.org/I19406000"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5108886731"],"corresponding_institution_ids":["https://openalex.org/I157392197"],"apc_list":null,"apc_paid":null,"fwci":4.0755,"has_fulltext":false,"cited_by_count":20,"citation_normalized_percentile":{"value":0.95167449,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"135","last_page":"142"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8431711196899414},{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.7610825300216675},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.745734453201294},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7065399289131165},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6727601289749146},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6166975498199463},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5531396865844727},{"id":"https://openalex.org/keywords/feature-selection","display_name":"Feature selection","score":0.5401784777641296},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.4886215329170227},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.48195120692253113},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4354611933231354},{"id":"https://openalex.org/keywords/normalization","display_name":"Normalization (sociology)","score":0.4263957738876343},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.36237889528274536},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3563615679740906},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11352410912513733}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8431711196899414},{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.7610825300216675},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.745734453201294},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7065399289131165},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6727601289749146},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6166975498199463},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5531396865844727},{"id":"https://openalex.org/C148483581","wikidata":"https://www.wikidata.org/wiki/Q446488","display_name":"Feature selection","level":2,"score":0.5401784777641296},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.4886215329170227},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.48195120692253113},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4354611933231354},{"id":"https://openalex.org/C136886441","wikidata":"https://www.wikidata.org/wiki/Q926129","display_name":"Normalization (sociology)","level":2,"score":0.4263957738876343},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36237889528274536},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3563615679740906},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11352410912513733},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C19165224","wikidata":"https://www.wikidata.org/wiki/Q23404","display_name":"Anthropology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icit58056.2023.10226130","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icit58056.2023.10226130","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Conference on Information Technology (ICIT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6700000166893005}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W2078439954","https://openalex.org/W2557913829","https://openalex.org/W2593330790","https://openalex.org/W2886257824","https://openalex.org/W2961850650","https://openalex.org/W2962936809","https://openalex.org/W2981859286","https://openalex.org/W3005555687","https://openalex.org/W3042454706","https://openalex.org/W3117368983","https://openalex.org/W4214610121","https://openalex.org/W4214872774","https://openalex.org/W4224293824","https://openalex.org/W4225299277","https://openalex.org/W4251708881","https://openalex.org/W4280569680","https://openalex.org/W4283819075","https://openalex.org/W4378420446","https://openalex.org/W6787859789","https://openalex.org/W6853553135"],"related_works":["https://openalex.org/W3214090987","https://openalex.org/W2782775281","https://openalex.org/W4226442484","https://openalex.org/W4312334973","https://openalex.org/W2560361988","https://openalex.org/W2507113366","https://openalex.org/W4327939473","https://openalex.org/W2085301524","https://openalex.org/W2717179875","https://openalex.org/W4249118297"],"abstract_inverted_index":{"The":[0,112],"widespread":[1],"use":[2],"of":[3,14,40,136,143,163],"Android":[4,49,150],"mobile":[5,164],"phones":[6],"in":[7,148],"recent":[8],"years":[9],"has":[10],"increased":[11],"the":[12,57,85,107,130,141,144,161],"risk":[13],"vulnerabilities":[15],"that":[16],"attackers":[17],"can":[18],"exploit,":[19],"potentially":[20],"leading":[21],"to":[22,43,63,105,118,126,160],"malware":[23],"downloads":[24],"and":[25,80,100],"system":[26],"damage.":[27],"This":[28],"paper":[29],"presents":[30],"an":[31,134],"effective":[32],"solution":[33],"utilizing":[34],"Machine":[35],"Learning":[36],"(ML),":[37],"a":[38,102,157],"subset":[39],"artificial":[41],"intelligence,":[42],"detect":[44],"Wannalocker":[45,154],"ransomware":[46],"specifically":[47],"targeting":[48],"devices.":[50],"To":[51],"achieve":[52],"this":[53],"objective,":[54],"we":[55,92],"employed":[56],"CICAndMal2017":[58],"dataset":[59,114],"with":[60],"several":[61],"modifications":[62,71],"make":[64],"it":[65],"suitable":[66],"for":[67],"ML":[68],"analysis.":[69],"These":[70,138],"included":[72],"data":[73,82],"normalization,":[74],"label":[75],"encoding,":[76],"attribute":[77],"name":[78],"resolution,":[79],"addressing":[81],"imbalance":[83],"through":[84],"Synthetic":[86],"Minority":[87],"Over-sampling":[88],"Technique":[89],"(SMOTE).":[90],"Furthermore,":[91],"performed":[93],"feature":[94],"selection":[95],"using":[96],"three":[97],"distinct":[98],"methods":[99],"applied":[101],"voting":[103],"principle":[104],"select":[106],"most":[108],"frequently":[109],"occurring":[110],"attributes.":[111],"resulting":[113],"was":[115],"then":[116],"subjected":[117],"various":[119],"classifiers,":[120],"yielding":[121],"exceptional":[122],"classification":[123],"accuracy":[124,135],"compared":[125],"previous":[127],"studies.":[128],"Notably,":[129],"BayesNet":[131],"classifier":[132],"achieved":[133],"99.1%.":[137],"findings":[139],"demonstrate":[140],"efficacy":[142],"proposed":[145],"ML-based":[146],"approach":[147],"bol-stering":[149],"device":[151,165],"security":[152,166],"against":[153],"ransomware,":[155],"providing":[156],"valuable":[158],"contribution":[159],"field":[162]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":2}],"updated_date":"2026-02-25T08:12:03.925757","created_date":"2025-10-10T00:00:00"}