Enhancing the Sustainability of Machine Learning-Based Malware Detection Techniques for Android Applications

Enhancing the Sustainability of Machine Learning-Based Malware Detection Techniques for Android Applications

The rapid increase in smartphone usage has led to a corresponding rise in malicious Android applications, making it important to develop efficient and sustainable malware detection methods that maintain high accuracy. This paper presents a two-stage machine learning approach aimed at improving both...

Full description

Saved in:
Bibliographic Details
Main Authors: Seyeon Park, Hojun Lee, Daeun Kim, Hyeun Jun Moon, Seong-Je Cho, Youngsup Hwang, Hyoil Han, Kyoungwon Suh
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Android malware
malware detection
Random Forest model
Online Access:https://ieeexplore.ieee.org/document/11023590/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The rapid increase in smartphone usage has led to a corresponding rise in malicious Android applications, making it important to develop efficient and sustainable malware detection methods that maintain high accuracy. This paper presents a two-stage machine learning approach aimed at improving both detection accuracy and sustainability in Android malware classification. The first stage estimates the release year of an app using its SDK version information, while the second stage classifies apps as benign or malicious through a weighted voting mechanism applied to year-specific malware detection models. This method balances the high accuracy of retraining with reduced computational overhead, delivering robust and scalable malware detection. Using a dataset spanning 2014 to 2023, we evaluate the performance of the proposed method in comparison to retraining-based and incremental learning-based approaches. Experimental results demonstrate that while the retraining-based method achieves the highest accuracy and F1 score, it incurs a significant increase in training time. Conversely, the incremental learning-based method offers lower accuracy but reduced training time. Our two-stage model-based classification method effectively balances these trade-offs, providing accuracy comparable to the retraining-based approach while maintaining stable training times and moderate model sizes, making it a viable option for sustainable malware detection in real-world environments. Future research will explore non-machine-learning-based release year prediction methods to further optimize training efficiency and improve adaptability to the rapidly evolving malware detection landscape.
ISSN:2169-3536

Similar Items