DESIGN & DEVELOPMENT OF MALWARE DETECTION TECHNIQUE FOR ANDROID BASED SMART DEVICES

Abstract

The widespread integration of smartphones into modern society has revolutionized communication, work, entertainment, and access to information, with Android-based devices dominating the market, accounting for approximately 70% of global smartphone usage. However, this popularity has made Android devices prime targets for malware attacks, posing serious threats due to the sensitive personal and financial data they store. Consequently, there is an urgent need for innovative and effective malware detection techniques. Our study addresses this challenge by introducing three novel approaches to Android malware detection. First, we applied rough set theory to select and rank static features such as permissions, API calls, system commands, and opcodes, using a Discernibility Matrix to assign importance to each feature and calculate reducts— streamlined subsets that enhance detection accuracy while minimizing complexity. Machine learning algorithms, including Support Vector Machines (SVM), K-Nearest Neighbor (KNN), Random Forest, and Logistic Regression, were employed to achieve an impressive 97% detection accuracy, surpassing many state-of-the-art techniques. Secondly, we pioneered a hybrid method by establishing covalent bonds between permissions and system calls, combining static and dynamic analysis to uncover malicious behavior. A novel Covalent Bond Strength Score was introduced to assess the combined impact of these pairs, with distinct scores for benign and malicious behaviors. This approach provided a comprehensive framework for malware detection, achieving a detection accuracy of 97.5%, further improving upon existing methods. Lastly, we developed a visual malware detection technique based on Android process memory dumps. The memory dump files were transformed into grayscale images, from which features such as color histograms, Hu moments, and Haralick textures were extracted. These features were used to train machine learning classifiers to differentiate between benign and malicious applications. Among the classifiers tested, Random Forest delivered the best performance. In conclusion, our integrated approaches provide robust frameworks for Android malware detection, each contributing significant advancements to the field and demonstrating superior performance compared to existing technique.