Android Malware Detection: Leveraging Deep Learning with Process Control Block Information

The security and privacy of Android device users are seriously threatened by the sophistication and endurance of malware. The risks associated with malware assaults on Android are larger than ever since mobile devices are being utilized for sensitive transactions and data storage more and more. This paper proposes a dynamic malware detection system that mines data from Process Control Blocks (PCBs) during process execution to identify malicious activity using deep learning techniques. Our method provides robust detection of various threats by examining processes at this fundamental level. It precisely monitors changes in PCB parameters for all application threads functioning at the kernel level, in contrast to user-level malware detection. Our PCB mining approach outperforms existing methods in accuracy and scalability of captured PCB records. Our testing findings revealed a high success rate, capturing over 99 percent of context transitions. Utilizing a manageable sequence size of 12 PCBs, our deep learning detection model successfully identified malicious activity at various points in the process execution, achieving an accuracy of 95.6%.