Proceedings of International Conference on Applied Innovation in IT
2025/07/26, Volume 13, Issue 3, pp.173-181

A Hybrid Static-Dynamic Analysis Model for Android Malware Detection: Design, Implementation and Comparative Assessment


Shatha Hamead Othman and Huda Abdulaali Abdulbaqi


Abstract: The attack surface for cyber threats targeting the Android platform has grown dramatically due to the widespread use of Android handsets, the openness of the Android ecosystem, coarse-grained authorization structures, and the invocation of third-party code. The effectiveness of machine learning methods in identifying Android malware has been shown by recent studies. In this work, we provide a hybrid analysis approach that combines static and dynamic analysis to detect Android malware in a dependable and efficient manner. This hybrid model increases detection precision and accuracy while also improving feature extraction procedures. Additionally, we compare the results of static and dynamic analysis with the hybrid approach and look at how each affects classification performance separately. According to experimental results, our hybrid model performs better than other models, achieving 98.9% accuracy, 99.1% precision, 98.3% recall, and 98.7% F1-score. These results indicate a 12% and 22% increase in detection accuracy, respectively, over static and dynamic analytic techniques. Additionally, our findings highlight the limitations of using static or dynamic analysis alone, in terms of detection accuracy, resource efficiency, and behaviour profiling of Android malware. Overall, the study highlights the effectiveness of hybrid analysis in enhancing malware detection systems and achieving more reliable and accurate security classifications.

Keywords: Android, Malware Detection, Hybrid Approach, Static Analysis, Dynamic Analysis.

DOI: Under Indexing

Download: PDF

References:

  1. M. Li, Z. Fang, J. Wang, L. Cheng, Q. Zeng, T. Yang, Y. Wu, and J. Geng, "A systematic overview of Android malware detection," Appl. Artif. Intell., vol. 36, no. 1, p. e2007327, 2022, [Online]. Available: https://doi.org/10.1080/08839514.2021.2007327.
  2. R. Srinivasan, S. Karpagam, M. Kavitha, and R. Kavitha, "An analysis of machine learning-based Android malware detection approaches," in Proc. Int. Conf. Electron. Circuits Signal. Technol., 2022.
  3. N. Jafaar and B. M. Nema, "Geolocation Android mobile phones using GSM/UMTS," Baghdad Sci. J., vol. 16, no. 1, Art. no. 34, 2019, doi: 10.21123/bsj.2019.16.1(Suppl.).0254.
  4. N. A. Sadkhan, Z. O. Ahmed, and R. N. Ajmi, "Assessing the potential of wild mushrooms as bioindicators for environmental pollution prediction using machine learning," Int. J. Des. Nat. Ecodyn., vol. 20, no. 2, pp. 439-446, Feb. 2025.
  5. B. AlKindy, O. B. Jamil, H. Al-Nayyef, and W. Alkendi, "A machine learning approach for identifying five types of horizontal ocular disorders using Haar features," Al-Mustansiriyah J. Sci., vol. 36, no. 1, pp. 69-83, Mar. 2025, doi: 10.23851/mjs.v36i1.1597.
  6. A. Feizollah, N. B. Anuar, R. Salleh, and A. W. A. Wahab, "A review on feature selection in mobile malware detection," Digit. Investig., vol. 13, pp. 22-37, 2015.
  7. B. Amro, "Malware detection techniques for mobile devices," Int. J. Mob. Netw. Commun. Telemat., vol. 7, pp. 1-10, 2017.
  8. O. N. Elayan and A. M. Mustafa, "Android malware detection using deep learning," Procedia Comput. Sci., vol. 184, pp. 847-852, 2021.
  9. R. S. Arslan, "Identify type of Android malware with machine learning based ensemble model," in Proc. 5th Int. Symp. Multidiscip. Stud. Innov. Technol. (ISMSIT), Oct. 2021, pp. 628-632.
  10. T. Ball, "The concept of dynamic analysis," in *Software Engineering—ESEC/FSE’99*, Berlin, Germany: Springer, 1999, pp. 216-234.
  11. M. Gracea and M. Sughasiny, "Malware detection for Android application using Aquila optimizer and hybrid LSTM-SVM classifier," EAI Endorsed Trans. Scalable Inf. Syst., vol. 10, no. 1, 2022.
  12. Z. Xue, W. Niu, X. Ren, J. Li, X. Zhang, and R. Chen, "A stacking-based classification approach to Android malware using host-level encrypted traffic," J. Phys.: Conf. Ser., vol. 2024, no. 1, p. 012049, Sep. 2021.
  13. J. Feng, L. Shen, Z. Chen, Y. Lei, and H. Li, "HGDetector: A hybrid Android malware detection method using network traffic and function call graph," Alexandria Eng. J., vol. 114, pp. 30-45, 2025.
  14. A. H. Lashkari, A. F. A. Kadir, L. Taheri, and A. A. Ghorbani, "Toward developing a systematic approach to generate benchmark Android malware datasets and classification," in Proc. Int. Carnahan Conf. Secur. Technol. (ICCST), 2018, pp. 1-7.
  15. "Number of smartphone and mobile phone users worldwide in 2020/2021: Demographics, statistics, predictions," [Online]. Available: https://www.unb.ca/cic/datasets/andmal2017.html, [Accessed: Jan. 11, 2020].
  16. E. S. Alomari, R. R. Nuiaa, Z. A. A. Alyasseri, H. J. Mohammed, N. S. Sani, M. I. Esa, and B. A. Musawi, "Malware detection using deep learning and correlation-based feature selection," Symmetry, vol. 15, p. 123, 2023, doi: 10.3390/sym15010123.
  17. I. Ahmad, M. Basheri, M. J. Iqbal, and A. Rahim, "Performance comparison of support vector machine, random forest, and extreme learning machine for intrusion detection," IEEE Access, vol. 6, pp. 33789-33795, 2018.
  18. S. J. Russell and P. Norvig, Artificial Intelligence: A Modern Approach, 4th ed. Pearson Education, 2020.
  19. R. RamaDevi and M. Abualkibash, "Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets - a review paper," Int. J. Comput. Sci. Inf. Technol., vol. 11, no. 3, pp. 65-80, 2019, doi: 10.5121/ijcsit.2019.11306.
  20. S. A. Salihu, S. O. Quadri, and O. C. Abikoye, "Performance evaluation of selected machine learning techniques for malware detection


    HOME

       - Conference
       - Journal
       - Paper Submission to Journal
       - Paper Submission to Conference
       - For Authors
       - For Reviewers
       - Important Dates
       - Conference Committee
       - Editorial Board
       - Reviewers
       - Last Proceedings


    PROCEEDINGS

       - Volume 13, Issue 3 (ICAIIT 2025)
       - Volume 13, Issue 2 (ICAIIT 2025)
       - Volume 13, Issue 1 (ICAIIT 2025)
       - Volume 12, Issue 2 (ICAIIT 2024)
       - Volume 12, Issue 1 (ICAIIT 2024)
       - Volume 11, Issue 2 (ICAIIT 2023)
       - Volume 11, Issue 1 (ICAIIT 2023)
       - Volume 10, Issue 1 (ICAIIT 2022)
       - Volume 9, Issue 1 (ICAIIT 2021)
       - Volume 8, Issue 1 (ICAIIT 2020)
       - Volume 7, Issue 1 (ICAIIT 2019)
       - Volume 7, Issue 2 (ICAIIT 2019)
       - Volume 6, Issue 1 (ICAIIT 2018)
       - Volume 5, Issue 1 (ICAIIT 2017)
       - Volume 4, Issue 1 (ICAIIT 2016)
       - Volume 3, Issue 1 (ICAIIT 2015)
       - Volume 2, Issue 1 (ICAIIT 2014)
       - Volume 1, Issue 1 (ICAIIT 2013)


    PAST CONFERENCES

       ICAIIT 2025
         - Photos
         - Reports

       ICAIIT 2024
         - Photos
         - Reports

       ICAIIT 2023
         - Photos
         - Reports

       ICAIIT 2021
         - Photos
         - Reports

       ICAIIT 2020
         - Photos
         - Reports

       ICAIIT 2019
         - Photos
         - Reports

       ICAIIT 2018
         - Photos
         - Reports

    ETHICS IN PUBLICATIONS

    ACCOMODATION

    CONTACT US

 

        

         Proceedings of the International Conference on Applied Innovations in IT by Anhalt University of Applied Sciences is licensed under CC BY-SA 4.0


                                                   This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License


           ISSN 2199-8876
           Publisher: Edition Hochschule Anhalt
           Location: Anhalt University of Applied Sciences
           Email: leiterin.hsb@hs-anhalt.de
           Phone: +49 (0) 3496 67 5611
           Address: Building 01 - Red Building, Top floor, Room 425, Bernburger Str. 55, D-06366 Köthen, Germany

        site traffic counter

Creative Commons License
Except where otherwise noted, all works and proceedings on this site is licensed under Creative Commons Attribution-ShareAlike 4.0 International License.