Related papers: Feature-Centric Approaches to Android Malware Analysis: A Survey

Feature-Centric Approaches to Android Malware Analysis: A Survey

URL: http://arxiv.org/abs/2509.10709v1
Date: Fri, 12 Sep 2025 21:55:26 GMT
Title: Feature-Centric Approaches to Android Malware Analysis: A Survey
Authors: Shama Maganur, Yili Jiang, Jiaqi Huang, Fangtian Zhong,
Abstract summary: Sophisticated malware families exploit the openness of the Android platform to infiltrate IoT networks.<n>This review examines cutting-edge approaches to Android malware analysis with implications for securing IoT infrastructures.
Score: 5.605292425841782
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Sophisticated malware families exploit the openness of the Android platform to infiltrate IoT networks, enabling large-scale disruption, data exfiltration, and denial-of-service attacks. This systematic literature review (SLR) examines cutting-edge approaches to Android malware analysis with direct implications for securing IoT infrastructures. We analyze feature extraction techniques across static, dynamic, hybrid, and graph-based methods, highlighting their trade-offs: static analysis offers efficiency but is easily evaded through obfuscation; dynamic analysis provides stronger resistance to evasive behaviors but incurs high computational costs, often unsuitable for lightweight IoT devices; hybrid approaches balance accuracy with resource considerations; and graph-based methods deliver superior semantic modeling and adversarial robustness. This survey contributes a structured comparison of existing methods, exposes research gaps, and outlines a roadmap for future directions to enhance scalability, adaptability, and long-term security in IoT-driven Android malware detection.

Related papers

Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework [60.72591149679355]
The rapid expansion of low-altitude economy Internet of Things (LAE-IoT) networks has created unprecedented security challenges.<n>Traditional intrusion detection systems fail to tackle the unique characteristics of aerial IoT environments.<n>We introduce a large language model (LLM)-enabled agentic AI framework for enhancing intrusion detection in LAE-IoT networks.
arXiv Detail & Related papers (2026-01-25T12:47:25Z)
Explainable and Resilient ML-Based Physical-Layer Attack Detectors [46.30085297768888]
We analyze the inner workings of various classifiers trained to alert about physical layer intrusions.<n>We evaluate the detectors' resilience to malicious parameter noising.<n>This work serves as a design guideline for developing fast and robust detectors trained on available network monitoring data.
arXiv Detail & Related papers (2025-09-30T17:05:33Z)
Feature-Oriented IoT Malware Analysis: Extraction, Classification, and Future Directions [9.266194874288507]
This survey provides a comprehensive review of feature extraction techniques for IoT malware analysis.<n>We first examine static and dynamic feature extraction methods, followed by hybrid approaches.<n>We then explore feature representation strategies based on graph learning.
arXiv Detail & Related papers (2025-09-03T16:10:35Z)
Security through the Eyes of AI: How Visualization is Shaping Malware Detection [12.704411714353787]
We evaluate existing visualization-based approaches applied to malware detection and classification.<n>Within this framework, we analyze state-of-the-art approaches across the critical stages of the malware detection pipeline.<n>We shed light on the main challenges in visualization-based approaches and provide insights into the advancements and potential future directions in this critical field.
arXiv Detail & Related papers (2025-05-12T13:53:56Z)
CryptoDNA: A Machine Learning Paradigm for DDoS Detection in Healthcare IoT, Inspired by crypto jacking prevention Models [0.0]
The rapid integration of the Internet of Things (IoT) and Internet of Medical (IoM) devices in the healthcare industry has markedly improved patient care and hospital operations.<n>DDoS attacks present significant dangers, jeopardizing operational stability and patient safety.<n>This study introduces CryptoDNA, an innovative machine learning detection framework influenced by cryptojacking detection methods.
arXiv Detail & Related papers (2025-01-30T18:22:16Z)
Analyzing Adversarial Inputs in Deep Reinforcement Learning [53.3760591018817]
We present a comprehensive analysis of the characterization of adversarial inputs, through the lens of formal verification. We introduce a novel metric, the Adversarial Rate, to classify models based on their susceptibility to such perturbations. Our analysis empirically demonstrates how adversarial inputs can affect the safety of a given DRL system with respect to such perturbations.
arXiv Detail & Related papers (2024-02-07T21:58:40Z)
X-CBA: Explainability Aided CatBoosted Anomal-E for Intrusion Detection System [2.556190321164248]
Using machine learning (ML) and deep learning (DL) models in Intrusion Detection Systems has led to a trust deficit due to their non-transparent decision-making. This paper introduces a novel Explainable IDS approach, called X-CBA, that leverages the structural advantages of Graph Neural Networks (GNNs) to effectively process network traffic data. Our approach achieves high accuracy with 99.47% in threat detection and provides clear, actionable explanations of its analytical outcomes.
arXiv Detail & Related papers (2024-02-01T18:29:16Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
It Is Time To Steer: A Scalable Framework for Analysis-driven Attack Graph Generation [50.06412862964449]
Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks. Current solutions propose to address the generation problem from the algorithmic perspective and postulate the analysis only after the generation is complete. This paper rethinks the classic AG analysis through a novel workflow in which the analyst can query the system anytime.
arXiv Detail & Related papers (2023-12-27T10:44:58Z)
Distributed intelligence on the Edge-to-Cloud Continuum: A systematic literature review [62.997667081978825]
This review aims at providing a comprehensive vision of the main state-of-the-art libraries and frameworks for machine learning and data analytics available today. The main simulation, emulation, deployment systems, and testbeds for experimental research on the Edge-to-Cloud Continuum available today are also surveyed.
arXiv Detail & Related papers (2022-04-29T08:06:05Z)
Deep Image: A precious image based deep learning method for online malware detection in IoT Environment [12.558284943901613]
In this paper, a different view of malware analysis is considered and the risk level of each sample feature is computed. In addition to the usual machine learning criteria namely accuracy and FPR, a proposed criterion based on the risk of samples has also been used for comparison. The results show that the deep learning approach performed better in detecting malware.
arXiv Detail & Related papers (2022-04-04T17:56:55Z)
Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
arXiv Detail & Related papers (2022-03-25T19:57:19Z)

This list is automatically generated from the titles and abstracts of the papers in this site.