Android Malware Detection Using Static Features Of Mobile Applications

Abstract

The increasing use of android mobile devices and the complexity of applications have led to increase in malware threats, Information, and demanding robust security measures for safeguarding user privacy. We investigate the use of deep learning techniques in detection of Android Malware considering the latest data sets. We aim to improve the system’s ability to accurately classify and detect a wider range of Android malware variants. We provide APK analysis for a feature extraction mechanism capable of extracting a total of 43,377 features from a dataset comprising 1201 each malware classes in total 13,211 malware and 1201 Benign applications. After meticulous selection, we retain only 10,524 features,which are subsequently used to train the neural networks. This dataset enables thorough evaluation and validation of the proposed detection system. We make use of APK .extracted from ANDROZOO for the purpose of dataset generation. Performance metrics which is used in this research are detection accuracy, recall, F1 score and precision are utilized to deter me the efficacy of the enhanced detection approach. This research explores the effectiveness of convolution neural network (CNN)and deep neural network (DNN) models for Android malware detection using static features. By utilizing our own dataset, we evaluate the performance of both models and compare their accuracy rates. Our results demonstrate that the DNN model accuracy rate of 97%, which is outperforming the CNN model, which achieves a slightly lower accuracy rate of 96%. Transfer Learning(TL) based model also achieves a slightly lower accuracy rate of.94%but has the advantage to classify unseen or zero-day attacks. These findings highlight the potential of DNN-based approaches in enhancing the detection and prevention of Android malware, showcasing their superiority over the CNN as well TL based classifiers. The evaluation also highlights the importance of considering an expanded number of malware classes, as it significantly enhances the system’s capability to detect diverse malware families both known .