Android Malware Detection and Classification using LOFO Feature Selection and Tree-based Models

Abstract

Cybersecurity threats on mobile devices are also growing substantially with the subsequent rise in the usage of smartphones and mobile applications. Cybercriminals inevitably have expanded their malicious operations to Google's Android mobile operating system. Due to the limitations of traditional signature-based approaches and the constant evolution of new malware, current malware detection systems are turned to be empowered by intelligent machine learning models. In this aspect, malware defense techniques strive to integrate data science and cybersecurity. This paper presents an Android malware detection system that incorporates the Leave One Feature Out (LOFO) approach and uses tree-based learning models to classify malware applications based on the top selected features. The experimental evaluation is conducted on the DREBIN dataset to demonstrate the efficacy of the proposed method. The prediction accuracy of the XGBoost classifier is observed to outperform other tree-based models, but with higher computational costs.