A Dimensionality Reduction Approach Based on Deep Learning and Black-Winged Kite Algorithm for Android Malware Detection
Subject Areas : مهندسی برق و کامپیوتر
mohsen Eghbali
1
,
M. Mollakhalili Meybodi
2
*
,
kamal mirzaie
3
1 - Dept. of Comp. Eng., Maybod Branch, Islamic Azad University, Maybod, Iran
2 - Dept. of Comp. Eng., Maybod Branch, Islamic Azad University, Maybod, Iran
3 - Dept. of Comp. Eng., Maybod Branch, Islamic Azad University, Maybod, Iran
Keywords: Machine learning, deep learning, feature selection, dimensionality reduction, black-winged kite (BKA) algorithm, Android malware.,
Abstract :
Today, with the increase in mobile devices, malware has also spread to the Android platform. These malware are written in more complex ways that are difficult to detect. Machine learning and deep learning methods are used to detect them because they can identify complex malware patterns. One challenge in malware detection with machine learning and deep learning methods is the high dimensionality of training samples. In this paper, a binary version of the Black-winged kite (BKA) algorithm is presented to reduce the dimensionality of training samples for the detection of Android malware. In the proposed method, the first stage extracts malware features using the BKA algorithm, which are then fed to the LSTM neural network. The LSTM's role is to classify Android malware samples as benign or malignant. To improve LSTM accuracy, its meta-parameters are also optimized using an Arithmetic optimization algorithm (AOA). Experiments on the CICandMal2017 dataset showed that the proposed method achieved accuracies of 98.63%, 98.29%, and 97.48% for accuracy, sensitivity, and precision, respectively. In the proposed approach, when balancing is performed using the GAN method on the CICandMal2017 dataset, the average accuracy, sensitivity, and precision of the proposed method increase to 99.62%, 98.93%, and 98.52%, respectively. Experiments show that the proposed method is more accurate at detecting malware than dimensionality-reduction methods such as WOA, HHO, and AVOA. The proposed method is about 16.4% more accurate than the LSTM neural network.
[1] X. Xiang, et al., "AppChainer: Investigating the chainability among payloads in android applications," Cybersecurity, vol. 6, no. 16, 2023.
[2] Statista, Number of Apps Available in Leading App Stores as of 4th Quarter 2020, 2021, https://www.statista.com/statistics/276623/number-of-apps-available-in-leading-app-stores, [Accessed 2022].
[3] K. A. Kumar, A. Raman, C. Gupta, and R. R. Pillai, "The recent trends in malware evolution, detection and analysis for Android devices," Journal of Engineering Science & Technology Review, vol. 13, no. 4, pp. 240-248, 2020.
[4] BBC, One Billion Android Devices at Risk of Hacking, 2021, https://www.bbc.com/news/technology-51751950, [Accessed 2022].
[5] Z. Muhammad, F. Amjad, Z. Iqbal, A. R. Javed, & T. R. Gadekallu, "Circumventing Google Play vetting policies: A stealthy cyberattack that uses incremental updates to breach privacy" Journal of Ambient Intelligence and Humanized Computing, vol. 14, no. 5, pp. 4785-4794, 2023.
[6] O. A. Alzubi, J. A. Alzubi, A. M. Al-Zoubi, M. A. Hassonah, and U. Kose, "An efficient malware detection approach with feature weighting based on Harris Hawks optimization," Cluster Computing, vol. 25, no. 1, pp. 1-19, Aug. 2022.
[7] H. H. R. Manzil and S. Manohar Naik, "Android malware category detection using a novel feature vector-based machine learning model," Cybersecurity, vol. 6, no. 1, 2023.
[8] H. AlOmari, Q. M. Yaseen, and M. A. Al-Betar, "A comparative analysis of machine learning algorithms for android malware detection," Procedia Computer Science, vol. 220, pp. 763-768, 2023.
[9] S. K. Smmarwar, G. P. Gupta, and S. Kumar, "Android malware detection and identification frameworks by leveraging the machine and deep learning techniques: A comprehensive review," Telematics and Informatics Reports, vol. 14, Article ID: 100130, Jun. 2024.
[10] S. Aurangzeb, and M. Aleem, "Evaluation and classification of obfuscated Android malware through deep learning using ensemble voting mechanism," Scientific Reports, vol. 13, Article ID: 3093, 2023.
[11] Y. Wu, et al., "DroidRL: Feature selection for android malware detection with reinforcement learning," Computers & Security, vol. 128, Article ID: 103126, May 2023.
[12] N. Xie, Z. Qin, and X. Di, "GA-StackingMD: Android malware detection method based on genetic algorithm optimized stacking," Applied Sciences, vol. 13, no. 4, Article ID: 2629, Feb.-2 2023.
[13] P. Kumar, and S. Singh, "Security testing of Android apps using malware analysis and XGboost optimized by adaptive particle swarm optimization," SN Computer Science, vol. 5, no. 1, 92, Jan. 2024.
[14] A. Djenna, A. Bouridane, S. Rubab, and I. M. Marou, "Artificial intelligence-based malware detection, analysis, and mitigation," Symmetry, vol. 15, no. 3, Article ID: 677, Mar. 2023.
[15] J. Wang, W. C. Wang, X. X. Hu, L. Qiu, and H. F. Zang, "Black-winged kite algorithm: a nature-inspired meta-heuristic for solving benchmark functions and engineering problems," Artificial Intelligence Review, vol. 57, Article ID: 58, 53 pp., 2024.
[16] L. Abualigah, A. Diabat, S. Mirjalili, M. Abd Elaziz, and A. H. Gandomi, "The arithmetic optimization algorithm," Computer Methods in Applied Mechanics and Engineering, vol. 376, Article ID: 113609, Apr. 2021.
[17] S. Nethala, et al., "A Deep Learning-Based ensemble framework for robust Android malware detection," IEEE Access, vol. 13, pp. 46673-46696, 2025.
[18] M. U. Rashid, et al., "Hybrid Android malware detection and classification using deep neural networks," International Journal of Computational Intelligence Systems, vol. 18, no. 1, pp. 1-26, 2025.
[19] M. S. Wasif, M. P. Miah, M. S. Hossain, M. J. Alenazi, and M. Atiquzzaman, "CNN-ViT synergy: An efficient Android malware detection approach through deep learning," Computers and Electrical Engineering, pt. A, vol. 123, Article ID: 110039, Apr. 2025.
[20] H. Kauser. Sk, & M. Anu. V, "Hybrid deep learning model for accurate and efficient android malware detection using DBN-GRU," PloS One, vol. 20, no. 5, Article ID: 0310230, 2025.
[21] M. Vu Minh, H. T. Nguyen, H. V. Le, T. D. Nguyen, and X. C. Do, "A static method for detecting android malware based on directed API call," International Journal of Web Information Systems, vol. 21, no. 3, pp. 183-204, May 2025.
[22] Y. Zhao, S. Sun, X. Huang, & J. Zhang, "An android malware detection method using frequent graph convolutional neural networks," Electronics, vol. 14, no. 6, Article ID: 1151, Mar-2 2025.
[23] X. Zhang, J. Wang, J. Xu, and C. Gu, "Detection of android malware based on deep forest and feature enhancement," IEEE Access, vol. 11, pp. 29344-29359, 2023.
[24] E. Mbunge, B. Muchemwa, J. Batani, and N. Mbuyisa, "A review of deep learning models to detect malware in Android applications," Cyber Security and Applications, vol. 1, Article ID: 100014, Dec. 2023.
[25] A. S. de Oliveira, and R. J. Sassi, Chimera: An Android Malware Detection Method Based on Multimodal Deep Learning and Hybrid Analysis, TechRxiv. preprint techrxiv.13359767.v1, 2020.
[26] S. Chen, B. Lang, H. Liu, Y. Chen, and Y. Song, "Android malware detection method based on graph attention networks and deep fusion of multimodal features," Expert Systems with Applications, pt. C, vol. 237, Article ID: 121617, Mar. 2024.
[27] G. Aldehim, et al., "Gauss-mapping black widow optimization with deep extreme learning machine for android malware classification model," IEEE Access, vol. 11, pp. 87062- 87070, 2023.
[28] Y. Wu, J. Shi, P. Wang, D. Zeng, and C. Sun, "DeepCatra: Learning flow‐and graph‐based behaviours for Android malware detection," IET Information Security, vol. 17, no. 1, pp. 118-130, Jan. 2023.
[29] V. Ravi, and R. Chaganti, "EfficientNet deep learning meta-classifier approach for image-based android malware detection," Multimedia Tools and Applications, vol. 82, no. 16, pp. 24891-24917, Jul. 2023.
[30] A. R. Nasser, A. M. Hasan, and A. J. Humaidi, "DL-AMDet: Deep learning-based malware detector for android," Intelligent Systems with Applications, vol. 21, Article ID: 200318, Mar. 2024.
[31] F. Ullah, X. Cheng, L. Mostarda, and S. Jabbar, "Android-IoT malware classification and detection approach using deep url features analysis," Journal of Database Management, vol. 34, no. 2, pp. 1-26, Jan. 2023.
[32] S. Sharma, P. Ahlawat, and K. Khanna, "DeepMDFC: A deep learning based android malware detection and family classification method," Security and Privacy, vol. 7, no. 2, Article ID: 347, Mar./Apr. 2024.
[33] F. Taher, O. AlFandi, M. Al-kfairy, H. Al Hamadi, and S. Alrabaee, "DroidDetectMW: A hybrid intelligent model for Android malware detection," Applied Sciences, vol. 13, no. 13, Article ID: 7720, Jul.-1 2023.
[34] L. Hammood, İ. A. Doğru, and K. Kılıç, "Machine learning-based adaptive genetic algorithm for Android malware detection in auto-driving vehicles," Applied Sciences, vol. 13, no. 9, Article ID: 5403, May-1 2023.
[35] T. Wisanwanichthan and M. Thammawichai, "A lightweight intrusion detection system for IoT and UAV using deep neural networks with knowledge distillation," Computers, vol. 14, no. 7, Article ID: 291, Jul. 2025.
[36] P. S. Moghaddam, A. Vaziri, S. S. Khatami, F. Hernando-Gallego, and D. Martín, "Generative adversarial and transformer network synergy for robust intrusion detection in IoT environments," Future Internet, vol. 17, no. 6, Article ID: 258, Jun. 2025.
[37] H. Chen, Y. Bu, K. Zong, L. Huang, and W. Hao, "The effect of data skewness on the LSTM-based mooring load prediction model," Journal of Marine Science and Engineering, vol. 10, no. 12, Article ID: 10121931, Dec. 2022.