Hybrid Permission-Based Android Malware Detection Using Deep Learning-Enhanced Cnns And Xgboost

Abstract

Android, with a global mobile operating system market share of 71.17%, has become a primary target for malware attacks, leading to significant social issues such as privacy violations, financial losses, and psychological stress. This study provides insights into the global impact of Android malware, including country-specific attack statistics. While traditional machine learning algorithms have been extensively used for malware detection, their limitations in addressing the evolving complexity of Android malware emphasize the need for deep learning approaches. This research discusses permission-based detection methods and explores alternative models, evaluating their performance across diverse datasets. To address these challenges, a hybrid model is proposed, combining XGBoost for feature enhancement with Convolutional Neural Networks (CNNs) for hierarchical learning. Implemented within a K-Fold cross-validation framework, the model achieves exceptional results, including an average accuracy of 94.23%, precision of 95.75%, recall of 92.41%, F1 score of 93.98%, and ROC AUC of 97.59%. A comparative analysis highlights the model's superiority over traditional machine learning algorithms such as Logistic Regression, Random Forest, Naive Bayes, and KNN in all key performance metrics. The findings demonstrate the potential of integrating feature enrichment with deep learning to develop robust and scalable solutions for Android malware detection.