Leveraging Machine Learning for Android Malware Analysis: Insights from Static and Dynamic Techniques

Abstract

In this study, the domain of Android malware detection was explored with a specific focus on leveraging the potential of Machine Learning (ML). At the time of this study, Android had firmly established its dominance in the mobile landscape and IoT devices, necessitating a concerted effort to fortify its security against emerging malware threats. Static analysis methods were scrutinized as vital sources of feature extraction for ML, while dynamic analysis methods were employed to analyze the behavior of applications in real or simulated environments. Additionally, a hybrid method, combining both static and dynamic analyses, was investigated. The study evaluated four ML models: XGBoost, Random Forest (RF), Support Vector Machine (SVM), and Decision Tree (DT), revealing compelling insights into their performance metrics. Notably, RF achieved the highest accuracy of 0.99, closely followed by SVM with an accuracy of 0.96. These results underscore the potential effectiveness of ML techniques in bolstering Android malware detection and mitigating security risks. As the research progressed, it underscored the latent power of integrating ML into the framework of Android malware analysis. With an eye towards the future, the overarching goal was to empower enhanced security measures and foster a resilient mobile ecosystem through the insights gleaned from this investigation.