Identification of Android APK malware through local and global feature extraction using meta classifier

Abstract

Android, the most widely used mobile operating system, is also the most vulnerable to malware due to its high popularity. This has significantly focused on Android malware detection in mobile security. While extensive research has been conducted using various methods, new malware’s emergence underscores this field’s dynamic nature and the need for continuous research. The motivation that drives malware developers to create Android malware constantly is the potential to access Android devices, thereby gaining access to sensitive user information. This study, which is a complex and in-depth exploration, aims to detect Android malware using a meta-classifier that combines the single-classifier light gradient boosting machine, support vector machine, and random forest. The process involves converting disassembled malware codes into grey images for global and local feature extraction. The classification accuracy is 97% at best on a malware dataset of 3,963 samples. The main contribution of this paper is to produce an Android APK malware detector model that works by combining multiple machine learning algorithms trained using the dataset resulting from local and global feature extraction algorithms.