Detecting Malicious Android Apps Through Static Features Using Machine Learning
摘要
In the current era of mobile technology, Android’s widespread use and customisation by developers have also made it simpler for hackers to identify and exploit security flaws. Android malware continues to evolve, and one of the biggest concerns is how it quietly exploits app permissions and runs in the background to carry out harmful tasks without users even being aware of it. To address this emerging issue, the research proposes a static analysis-based solution for Android malware detection, utilising features derived from application permissions and API call behaviour. The study investigated a range of machine learning algorithms, including traditional methods such as Logistic Regression, Linear SVM, and KNN, as well as more advanced approaches like Convolutional Neural Networks and ensemble techniques like Random Forest, XGBoost, and CatBoost. We trained and tested the models using a well-organised set of Android app datasets and then measured their performance by analysing the results with a confusion matrix, focusing on key metrics such as accuracy, precision, recall, and F1-score. The confusion matrix clearly shows where our approach performs well, especially in real-world situations where there’s an uneven number of malicious and safe apps. Our results highlight the effectiveness of ensemble learning methods in enhancing mobile security while also providing a clear comparison of how different algorithms approach the task of detecting Android malware.