Android Malware Detection: An Empirical Investigation into Machine Learning Classifiers

Smartphones have become an all-in-one device due to their constant connectivity and ability to provide a wide range of functions. However, they can expose users to various forms of malware, posing significant threats to their privacy, security, and financial well-being. In this context, the detection and classification of Android malware have emerged as critical research areas in cybersecurity. Our study develops six distinct models/classifiers for detecting and classifying Android malware, leveraging the following machine-learning algorithms: MLP, logistic regression, random forest, SVM, XGBoost, and AdaBoost. Through a systematic evaluation process, we assess the efficacy of each model, highlighting their respective strengths and weaknesses. These findings not only contribute to the existing body of knowledge but also pave the way for future research and innovation in the field of Android security. Furthermore, we investigate the impact of data preprocessing and feature selection strategies on model performance and generalization capabilities. Our experimental results reveal that Random Forest (RF) and Extreme Gradient Boosting (XGBoost) classifiers outperformed others in classifying Android malware, showcasing performance of around 93% and 92%, respectively across accuracy, precision, recall, and f1-score. With an AUC of 0.93 for RF and 0.92 for XGBoost, these models can clearly distinguish between malware and benign samples with minimum misclassifications. Our findings shed light on the effectiveness of machine learning algorithms in combating Android malware and offer valuable insights into the most suitable models. Ultimately, this research study advances the understanding of Android malware detection and classification, providing a foundation for developing robust security solutions in the mobile computing landscape.