An Effective Approach for Android Malware Detection Based on Intelligent Feature Extraction and Ensemble Learning
摘要
Android is currently the most widely used operating system on mobile devices worldwide, making it a primary target for malware attacks. Effective detection of Android malware remains a significant challenge due to the rapid increase in both the volume and complexity of malware. In this paper, we propose a novel method to enhance malware detection efficiency by combining intelligent feature extraction with ensemble learning. The proposed model consists of three main phases: (1) Feature Extraction: In this phase, two important types of features are extracted from Android application files, including behavioral features and permission features. Behavioral features are extracted from the function call graph using the Graph Isomorphism Network, while permission features are obtained by embedding a standardized permission list using a lightweight, pre-trained Transformer-based language model. (2) Feature Fusion: The feature vectors are concatenated to construct a comprehensive representation of the application; (3) Classification: Ensemble learning techniques are applied to classify the application as either malware or benign. The novelty of the proposed method lies in the integration of two key feature sources: behavioral and permission features, which complement each other to form a comprehensive representation of the application. In addition, the adoption of ensemble learning techniques has significantly improved the performance of the detection model. Experimental results demonstrate that our model outperforms existing methods across all evaluation metrics, with accuracy improvements ranging from 1.42% to 2.57%.