Signal and Data Processing Journal A scientific journal officially licensed by the Commission for Scientific Publications of the (MSRT). Publisher: Research Ceter for Developmen of Technologies
Volume 22, Issue 4 (3-2026)
JSDP 2026, 22(4): 70-53 |
Back to browse issues page
Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
Olyaei Torqabeh A, Rasoolzadegan A. A Deep Learning Based Method for Android Malware Detection. JSDP 2026; 22 (4) : 4
URL: http://jsdp.rcisp.ac.ir/article-1-1455-en.html
URL: http://jsdp.rcisp.ac.ir/article-1-1455-en.html
Associate Professor of Software Engineering, Department of Computer Engineering, Faculty of Engineering, Ferdowsi University of Mashhad, Mashhad, Iran
Abstract: (277 Views)
The Android operating system, an open-source platform supported by Google, has become a cornerstone of modern technology due to its widespread adoption in diverse devices, including smartphones, smart TVs, and wearables. This extensive reach has established Android as a dominant force in the global market but simultaneously made it a primary target for malware developers. The growing sophistication and frequency of mobile malware attacks pose significant challenges for users and Android app distribution platforms. These attacks exploit the open nature of the Android ecosystem and increasingly employ advanced techniques such as obfuscation, rendering traditional detection methods less effective. In response to these challenges, this study introduces an innovative approach to malware detection leveraging image and audio processing in combination with deep learning techniques. Our proposed methodology addresses the limitations of existing methods by providing a scalable, high-accuracy solution suitable for industrial deployment. The research is based on static analysis. During the static analysis, executable file bytes are transformed into audio signals, and features extracted from these signals are used to train a deep learning model. This model achieved an impressive accuracy of 99.3%, with a precision of 99.8% and a recall of 99.1%. The novelty of our approach lies in its ability to detect obfuscated malware, a critical and challenging aspect of modern malware detection. By mapping executable files to the audio domain in static analysis, our method effectively reduces computational complexity while enhancing detection accuracy. The proposed framework was validated on a diverse and comprehensive dataset, showcasing its capability to distinguish between benign and malicious applications with high reliability. Furthermore, the method's design ensures practical applicability in real-world scenarios, particularly in app distribution platforms where rapid and accurate malware detection is crucial. This research contributes a novel, efficient, and scalable malware detection solution that addresses the challenges posed by obfuscation and computational demands. The proposed framework not only advances the state-of-the-art in Android malware detection but also lays the groundwork for future research exploring hybrid analysis techniques and real-time detection capabilities.
Article number: 4
Keywords: Android Malware Detection, Deep Learning, Static Analysis, Image Processing, Audio Signal Processing
Type of Study: Research |
Subject:
Paper
Received: 2025/02/1 | Accepted: 2026/02/3 | Published: 2026/03/20 | ePublished: 2026/03/20
Received: 2025/02/1 | Accepted: 2026/02/3 | Published: 2026/03/20 | ePublished: 2026/03/20
References
1. J. Li et al., "Significant permission identification for machine-learning-based Android malware detection," IEEE Trans. Ind. Informat., vol. 14, no. 7, pp. 3216-3225, 2018. [DOI:10.1109/TII.2017.2789219]
2. N. Peiravian and X. Zhu, "Machine learning for android malware detection using permission and api calls," in Proc. IEEE 25th Int. Conf. Tools with Artificial Intelligence (ICTAI), Washington, DC, USA, 2013, pp. 556-560. [DOI:10.1109/ICTAI.2013.53]
3. Y. Zhou et al., "Taming information-stealing smartphone applications (on Android)," in Trust and Trustworthy Computing: 4th Int. Conf., TRUST 2011, Pittsburgh, PA, USA, June 22-24, 2011, vol. 6700, pp. 423-434.
4. H.-J. Zhu et al., "DroidDet: effective and robust detection of Android malware using static analysis along with rotation forest model," Neurocomputing, vol. 272, pp. 638-646, 2018. [DOI:10.1016/j.neucom.2017.07.030]
5. V. M. Afonso et al., "Identifying Android malware using dynamically obtained features," J. Comput. Virol. Hacking Tech., vol. 11, pp. 9-17, 2015. [DOI:10.1007/s11416-014-0226-7]
6. P. Yan and Z. Yan, "A survey on dynamic mobile malware detection," Softw. Qual. J., vol. 26, no. 3, pp. 891-919, 2018. [DOI:10.1007/s11219-017-9368-4]
7. G. Canfora, F. Mercaldo, and C. A. Visaggio, "Mobile malware detection using op-code frequency histograms," in 2015 12th Int. Joint Conf. on e-Business and Telecommunications (ICETE), 2015, pp. 1-7. [DOI:10.5220/0005537800270038]
8. M. K. Alzaylaee, S. Y. Yerima, and S. Sezer, "DL-Droid: Deep learning based Android malware detection using real devices," Computers & Security, vol. 89, p. 101663, 2020. [DOI:10.1016/j.cose.2019.101663]
9. J. Kim et al., "MAPAS: a practical deep learning-based Android malware detection system," Int. J. Inf. Secur., vol. 21, no. 4, pp. 725-738, 2022. [DOI:10.1007/s10207-022-00579-6]
10. X. Xiao et al., "Android malware detection based on system call sequences and LSTM," Multimed. Tools Appl., vol. 78, pp. 3979-3999, 2019. [DOI:10.1007/s11042-017-5104-0]
11. S. I. Imtiaz et al., "DeepAMD: Detection and identification of Android malware using high-efficient Deep Artificial Neural Network," Future Gener. Comput. Syst., vol. 115, pp. 844-856, 2021. [DOI:10.1016/j.future.2020.10.008]
12. D. T. Dehkordy and A. Rasoolzadegan, "A new machine learning-based method for Android malware detection on imbalanced dataset," Multimed. Tools Appl., vol. 80, pp. 24533-24554, 2021. [DOI:10.1007/s11042-021-10647-z]
13. L. Shen et al., "Self-attention based convolutional-LSTM for Android malware detection using network traffics grayscale image," Appl. Intell., 2022, pp. 1-23. [DOI:10.1007/s10489-022-03523-2]
14. K. Bakour and H. M. Ünver, "DeepVisDroid: Android malware detection by hybridizing image-based features with deep learning techniques," Neural Comput. Appl., vol. 33, pp. 11499-11516, 2021. [DOI:10.1007/s00521-021-05816-y]
15. Y. Ding et al., "Android malware detection method based on bytecode image," J. Ambient. Intell. Humaniz. Comput., 2020, pp. 1-10.
16. T. Hsien-De Huang and H.-Y. Kao, "R2-d2: Color-inspired convolutional neural network (CNN)-based Android malware detections," in Proc. IEEE Int. Conf. on Big Data (Big Data), Seattle, WA, USA, 2018, pp. 2017-2026.
17. D. Vasan et al., "IMCFN: Image-based malware classification using fine-tuned convolutional neural network architecture," Comput. Networks, vol. 171, p. 107138, 2020. [DOI:10.1016/j.comnet.2020.107138]
18. F. Mercaldo and A. Santone, "Deep learning for image-based mobile malware detection," J. Comput. Virol. Hacking Tech., vol. 16, no. 2, pp. 157-171, 2020. [DOI:10.1007/s11416-019-00346-7]
19. P. Yadav et al., "EfficientNet convolutional neural networks-based Android malware detection," Computers & Security, vol. 115, p. 102622, 2022. [DOI:10.1016/j.cose.2022.102622]
20. J. Feng et al., "A two-layer deep learning method for Android malware detection using network traffic," IEEE Access, vol. 8, pp. 125786-125796, 2020. [DOI:10.1109/ACCESS.2020.3008081]
21. M. Farrokhmanesh and A. Hamzeh, "Music classification as a new approach for malware detection," J. Comput. Virol. Hacking Tech, vol. 15, pp. 77-96, 2019. [DOI:10.1007/s11416-018-0321-2]
22. F. Mercaldo, A. Santone, "Audio signal processing for android malware detection and family identification," J. Comput. Virol. Hacking Tech., vol. 17, no. 2, pp. 139-152, 2021. [DOI:10.1007/s11416-020-00376-6]
23. R. Casolare et al., "Mobile Family Detection through Audio Signals Classification," in Proc. SECRYPT, 2021. [DOI:10.5220/0010543504790486]
24. A. Azab and M. Khasawneh, "Msic: malware spectrogram image classification," IEEE Access, vol. 8, pp. 102007-102021, 2020. [DOI:10.1109/ACCESS.2020.2999320]
25. P. Tarwireyi, A. Terzoli, and M.O. Adigun, "Using multi-audio feature fusion for android malware detection," Computers & Security, vol. 131, p. 103282, 2023. [DOI:10.1016/j.cose.2023.103282]
26. T. Irino and R.D. Patterson, "A time-domain, level-dependent auditory filter: The gammachirp," The Journal of the Acoustical Society of America, vol. 101, no. 1, pp. 412-419, 1997. [DOI:10.1121/1.417975]
27. P. Tarwireyi, A. Terzoli, and M.O. Adigun, "BarkDroid: Android malware detection using bark frequency Cepstral coefficients," Indonesian Journal of Information Systems, vol. 5, no. 1, pp. 48-63, 2022. [DOI:10.24002/ijis.v5i1.6266]
28. X. Zhao and D. Wang, "Analyzing noise robustness of MFCC and GFCC features in speaker identification," in Proc. IEEE Int. Conf. Acoustics, Speech and Signal Processing (ICASSP), Vancouver, BC, Canada, 2013. [DOI:10.1109/ICASSP.2013.6639061]
29. A. G. Howard et al., "Mobilenets: Efficient convolutional neural networks for mobile vision applications," arXiv preprint arXiv:1704.04861, 2017.
30. K. Simonyan, "Very deep convolutional networks for large-scale image recognition," arXiv preprint arXiv:1409.1556, 2014.
31. F. Chollet, "Xception: Deep learning with depthwise separable convolutions," in Proc. IEEE Conf. Computer Vision and Pattern Recognition (CVPR), 2017. [DOI:10.1109/CVPR.2017.195]
32. M. Tan and Q. V. Le, "Efficientnetv2: Smaller models and faster training," in Proc. Int. Conf. Machine Learning (ICML), PMLR, 2021.
33. قاسمی معصومه، حری عباس، بصیری محمداحسان، «تشخیص بدافزارهای اندرویدی با رویکرد تخلیة بار در محاسبات ابری»، فصلنامة پردازش علائم و دادهه،. ۲۱ (۳)، صص ۱۳۷-۱۴۸، ۱۴۰۳.
33. M. Ghasemi, A. Horri, and M. E. Basiri, "Detecting Android malware with offloading approach in cloud computing," J. Signal & Data Processing., vol. 21, no. 3, pp. 137-148, 2024. [DOI:10.61186/jsdp.21.3.137]
34. دی پیر محمود، «ریسک سنج: ابزاری برای سنجش دقیق میزان ریسک امنیتی برنامهها در دستگاههای همراه»، فصلنامة پردازش علائم و دادهها، ۱۴ (۳)، صص ۲۳-۳۶، ۱۳۹۶.
34. M. Deypir, "RiskMeter: A Tool for Measuring Precise Security Risk Values of Mobile Device Applications," J. Signal & Data Process., vol. 14, no. 3, pp. 23-36, 2017. [DOI:10.29252/jsdp.14.3.23]
Send email to the article author
| Rights and permissions | |
 |
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. |