Journal of Cyber Security and Risk Auditing

ISSN: 3079-5354 (Online)

A Comprehensive Review of Machine Learning Approaches for Android Malware Detection

by Aneesha Davarasan; Joshua Samual; Kulothunkan Palansundram; Aitizaz Ali

Published: 2024/12/06

Abstract

In today's digital age, smartphones have evolved beyond communication devices, becoming integral to various aspects of daily life. Android, as a leading mobile operating system, dominates the market due to its open-source nature and vast user base. However, this widespread adoption has made it a prime target for increasingly sophisticated malware attacks. Traditional malware detection methods, primarily reliant on signature recognition, have proven insufficient in countering these dynamic threats. This paper provides a detailed review of Android malware detection approaches leveraging machine learning techniques. By examining the underlying Android architecture and security models, we explore static, dynamic, and hybrid analysis methods, highlighting the crucial role of feature selection in improving detection accuracy. Additionally, we address the significant challenges posed by deterioration in detection model performance over time and evasion tactics employed by malware, proposing advanced strategies such as adversarial training and regular model updates to enhance system resilience. This review aims to synthesize current methodologies, offering a critical evaluation and identifying potential avenues for future research to fortify Android malware detection systems.

Keywords

Malware Attacks; Android Malware Detection; Machine Learning; Dynamic Analysis

How to Cite the Article

Davarasan, A., Samual, J., Palansundram, K., & Ali, A. (2024). A Comprehensive Review of Machine Learning Approaches for Android Malware Detection. Journal of Cyber Security and Risk Auditing, 2024(1), 39–60. https://doi.org/10.63180/jcsra.thestap.2024.1.5
