A Hybrid Static-Dynamic Analysis Model for Android Malware Detection : Design, Implementation and Comparative Assessment

Abstract

The attack surface for cyber threats targeting the Android platform has grown dramatically due to the widespread use of Android handsets, the openness of the Android ecosystem, coarse-grained authorization structures, and the invocation of third-party code. The effectiveness of machine learning methods in identifying Android malware has been shown by recent studies. In this work, we provide a hybrid analysis approach that combines static and dynamic analysis to detect Android malware in a dependable and efficient manner. This hybrid model increases detection precision and accuracy while also improving feature extraction procedures. Additionally, we compare the results of static and dynamic analysis with the hybrid approach and look at how each affects classification performance separately. According to experimental results, our hybrid model performs better than other models, achieving 98.9% accuracy, 99.1% precision, 98.3% recall, and 98.7% F1-score. These results indicate a 12% and 22% increase in detection accuracy, respectively, over static and dynamic analytic techniques. Additionally, our findings highlight the limitations of using static or dynamic analysis alone, in terms of detection accuracy, resource efficiency, and behaviour profiling of Android malware. Overall, the study highlights the effectiveness of hybrid analysis in enhancing malware detection systems and achieving more reliable and accurate security classifications.