Research Article

Enhancing Android Malware Detection through Swarm Intelligence and Autoencoder Techniques Applied to API Call Analysis

DOI: 10.3791/69398

December 30th, 2025

Summary

A hybrid Android malware detection framework is proposed, leveraging learned feature representations and traditional classifiers to enhance detection accuracy, reduce manual feature engineering, and counter evolving malware threats effectively.

Abstract

Malware Security Intelligence involves analyzing applications and their metadata to identify potential security threats. Application Programming Interface (API) calls serve as a valuable source of information for detecting malware. Reducing the feature space in malware analysis enhances the efficiency of threat identification. This research seeks to identify the most significant API call features to enhance the precision of Android malware detection. Three swarm intelligence-based optimization techniques (Firefly Optimization, Cuckoo Search Optimization, and Ant Colony Optimization) are employed alongside Auto-Encoders to extract the most significant features. To evaluate these nature-inspired wrapper-based methods, popular machine learning classifiers, including K-Nearest Neighbour (KNN), Random Forest (RF), Support Vector Machine (SVM), Decision Tree (DT), and Linear Regression (LR), are used. Furthermore, a hybrid artificial neural classifier is shown to improve the performance of malware categorization. The effectiveness of the suggested method is demonstrated by experimental results, which show an accuracy of 98.87% using only 7 out of 100 API call features.

Introduction

The most popular mobile operating system is Android, which is based on Linux and has a 72.55% global market share¹. In contrast to other operating systems that are subject to stringent laws and copyrights, Android is an open-source platform that welcomes contributions from developers worldwide. But because of its large user base, it is a frequent target of virus attacks. Malware is the term for malicious software intended to compromise the operation of computer systems or exploit private information. The most common method of malware infiltration in the Android ecosystem is through application downloads. While applications obtained from tr....

Protocol

The suggested architecture for Android malware detection uses a wrapper-based feature selection method with auto-encoders, as shown in Figure 1. The dataset is split 70:30 into training and testing subsets. Classification and feature selection are the two main steps in the malware analysis process.

Feature selection (FS): This step iteratively searches for the best feature subsets (see Definition 1) using swarm intelligence-based algorithms, notably Cuckoo Search Optimization (CSO), Ant Lion Optimization (ALO), and Firefly Optimization (FO). After that, auto-encoders process the ....
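The wrapper idea described above, as an added example that is not the authors' code: a simplified binary firefly search scores each candidate feature mask by the held-out accuracy of a classifier trained on only those columns. The data, the 1-NN stand-in for KNN, the size penalty and every name in the block are assumptions, and the auto-encoder stage is not included.

```python
import math, random
from functools import lru_cache

N_FEAT, INFORMATIVE, PENALTY = 12, (0, 1, 2), 0.1
rng = random.Random(7)

# Constructed data: 80 apps x 12 binary "API call present" flags. An app is
# labelled malware (1) when it calls at least two of the three APIs in
# INFORMATIVE; the other nine columns are random noise.
def make_row(i):
    info = [(i >> b) & 1 for b in range(3)]
    return info + [int(rng.random() < 0.5) for _ in range(N_FEAT - 3)], int(sum(info) >= 2)

ROWS = [make_row(i) for i in range(80)]
TRAIN, TEST = ROWS[:56], ROWS[56:]          # 70:30 split, as in the protocol

@lru_cache(maxsize=None)
def fitness(mask):
    """Wrapper fitness: 1-NN test accuracy on the masked columns minus a size penalty."""
    cols = [c for c in range(N_FEAT) if mask[c]]
    if not cols:
        return 0.0                           # an empty subset cannot classify anything
    hits = 0
    for x, y in TEST:
        nearest = min(TRAIN, key=lambda t: sum(t[0][c] != x[c] for c in cols))
        hits += nearest[1] == y
    return hits / len(TEST) - PENALTY * len(cols) / N_FEAT

def firefly_select(pop_size=6, iters=8, beta0=0.9, gamma=0.02, flip=0.05):
    """Simplified binary firefly search over feature masks (tuples of 0/1)."""
    pop = [tuple([1] * N_FEAT)] + [tuple(rng.randint(0, 1) for _ in range(N_FEAT))
                                   for _ in range(pop_size - 1)]
    best = max(pop, key=fitness)             # elitism: never lose the best mask seen
    for _ in range(iters):
        for i in range(pop_size):
            for j in range(pop_size):
                if fitness(pop[j]) <= fitness(pop[i]):
                    continue                 # only move toward brighter fireflies
                dist = sum(a != b for a, b in zip(pop[i], pop[j]))
                beta = beta0 * math.exp(-gamma * dist ** 2)   # attraction fades with distance
                moved = [b if a != b and rng.random() < beta else a
                         for a, b in zip(pop[i], pop[j])]
                pop[i] = tuple(1 - m if rng.random() < flip else m for m in moved)
                best = max(best, pop[i], key=fitness)
    return best

if __name__ == "__main__":
    best = firefly_select()
    print("selected columns:", [c for c in range(N_FEAT) if best[c]],
          "fitness:", round(fitness(best), 3))
```

Because the all-features mask is seeded into the initial population, the returned subset never scores below the "use every API call" baseline under this fitness function.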

Results

Several performance indicators, such as Mean Squared Error (MSE), Root Mean Squared Error (RMSE), Precision, Recall, F1-Score, and Accuracy, are used in the proposed Android malware detection system to assess classification accuracy. The following is a definition of these measures.

Discussion

Android malware threats are increasing, with adversaries employing increasingly sophisticated evasion techniques. Android-based mobile systems and applications play a crucial role in smart cities and industrial environments. Ensuring the security of these systems, particularly in such critical domains, necessitates robust malware detection mechanisms. Recently, machine learning-based malware detection research has gained significant attention¹⁸. However, many existing methods rely on feature engin.......

Disclosures

No conflicts of interest or external influences affected the outcomes of this work. All methods, results, and interpretations presented are original and unbiased.

Acknowledgements

I would like to express my sincere gratitude to my guide and KLU, who supported this work. Their guidance, feedback, and encouragement were invaluable throughout the development of this project.

....

Materials

List of materials used in this article

| Name | Company | Catalog Number | Comments |
|---|---|---|---|
| Anaconda Navigator | Anaconda, Inc. | Navigator-2023 | |
| Google Colab | Google LLC | N/A | |
| Jupyter Notebook | Project Jupyter | N/A | |
| Python | Python Software Foundation | >=3.9 | |
| PyTorch | Facebook AI Research | >=2.0 | |
| Scikit-learn | Community Driven | >=1.0 | |
| TensorFlow | Google Brain | >=2.8 | |
| Windows Operating System | Microsoft Corporation | 11 | |

References

  1. Stat Counter. Mobile operating systems' market share worldwide. https://gs.statcounter.com/os-market-share/mobile/worldwide (2025).
  2. Daj, A. C., Mateescu, A., Endre-Laszlo, A., Baciu, A., Flondor, E. Malicious-google-play-apps-bypassed-android-security. https://www.bitdefender.com/en-us/blog/labs/malicious-google-play-apps-bypassed-android-security (2025).
  3. Han, Q., Subrahmanian, V. S., Xiong, Y.....

Tags

Android Malware Detection, Swarm Intelligence, API Call Analysis, Autoencoder Techniques, Feature Selection, Firefly Optimization, Cuckoo Search Optimization, Ant Colony Optimization, Machine Learning Classifiers, Neural Network Classifier
