PacDroid: lightweight android malware detection using permissions and intent features

PacDroid: lightweight android malware detection using permissions and intent features

연구 분야: Safety

학회: Multimedia Tools and Applications

The popularity of the Android platform and the widespread use of mobile applications have made them prime targets for cyber threats. Conventional single-feature-based detection models struggle to keep pace with the rapidly evolving landscape of Android malware. This paper introduces PacDroid, a lightweight Android malware detection model that combines Android permissions, Intent Actions, and Category features to train the detection model. The feature selection phase integrates an advanced algorithm based on Gini importance, also known as Mean Decrease Impurity (MDI). This method evaluates and ranks features, selecting the most relevant ones to construct a more streamlined and effective model, thereby mitigating overfitting and enhancing generalization. The algorithm efficiently reduces the feature set size by 85% and cuts training time up to 90%, significantly enhancing model performance. We trained and evaluated Machine Learning (ML) classifiers, including Random Forests and XGBoost, on two benchmark datasets, CCCS-CIC and CIC-MalDroid, comprising 88,000 samples. The proposed model achieves 95.81% accuracy without feature selection and 96.75% accuracy with feature selection, outperforming existing methodologies.