Hybrid Android Malware Detection Model using Machine learning Algorithms

Abstract

Malware in general, is a serious threat that affects a wide range of users on an everyday basis. Since Android is the most popular mobile operating system, it became a target for fraudulent and malicious activities caused by malware developers that can result in devastating effects. With that, many Android malware applications continue to come into existence and throughout the years, several solutions have emerged, while Android malware has also smartly improved its capabilities to avoid being detected. Hence, a stronger detection model should be developed by improving the current existing Android malware detection techniques. The study created a multi-class hybrid Android malware detection model which investigates the effectiveness of combining system permissions as the static feature and network traffic features as the dynamic feature whereas K-Nearest Neighbor, Random Forest, and XGBoost as the machine learning classifying algorithms. The said classifiers are compared based on various evaluation metrics such as recall, precision, accuracy, F1-score, and Receiver Operating Characteristics Curve (ROC). All classifiers produced a result higher than 90% in accuracy, precision, recall, specificity, and F1-Score. Meanwhile, it is also revealed that our created model can compete with other models that are existing from the previous works wherein the best model is the Random Forest setup C which has a total of 18 features. The said model got a 98.3% recall, 98.4% precision, 98.3% accuracy, 98.3% F1-Score, and 99.9% ROC-AUC.