Advanced android malware detection in mobile applications using security and machine learning
摘要
The rapid growth of Android devices has led to an increase in malware threats exploiting system vulnerabilities. Traditional signature-based detection methods are insufficient against advanced and obfuscated malware, which continue to evolve rapidly. This study addresses the problem of ineffective malware detection by proposing a machine learning-based framework focused on accurate and adaptive identification of malicious Android applications. The objective is to enhance detection performance by combining static and dynamic analysis features, enabling the system to detect known and zero-day malware effectively. The proposed methodology involves comprehensive feature extraction from APKs, including permissions, API calls, and behavioural data. Preprocessing steps use LASSO for feature selection to reduce dimensionality. A hybrid ensemble model combining Extremely Randomized Trees (ERT) and Gradient Boosting Machines (GBM) is developed for classification. Adversarial training techniques improve resilience against evasion tactics, and data augmentation addresses class imbalances. The model is continuously retrained with updated datasets to maintain performance against evolving malware. Experimental results demonstrate that the proposed ERT model achieves 95.8% accuracy and 96.2% precision, while the combined ERT + GBM ensemble improves accuracy to 97.5% and reduces the false positive rate to 1.3%. The findings validate the framework’s robustness and effectiveness in real-world scenarios. Future work will focus on optimizing model efficiency for real-time deployment on mobile devices and extending the framework to detect cross-platform mobile threats, further enhancing mobile security.