Advanced Android Malware Detection: Merging Deep Learning and XGBoost Techniques

Authors : Esra Kavalcı Yılmaz, Rezan Bakır

Pages : 45-61

Doi:10.17671/gazibtd.1553548

View : 41 | Download : 48

Publication Date : 2025-01-31

Article Type : Research Paper

Abstract :The increasing importance of Android devices in our lives brings with it the need to secure personal information stored on these devices, such as contact details, documents, location data, and browser data. These devices are often targeted by attacks and malware designed to steal this data. In response, this work takes a novel approach to Android malware detection by integrating deep learning with traditional machine learning algorithms. An extensive experimental study was conducted using the DroidCollector network traffic analysis dataset. Eight different deep learning methods are analysed for malware classification. In the first phase, experiments were conducted on both original and stabilised datasets and the most effective methods were identified. In the second phase, the best performing deep learning methods were combined with XGBoost for classification. This hybrid approach increased classification success by 3-4%. The highest F1 and accuracy values obtained after 150 epochs of training with BiLSTM+XGBoost were 95.12% and 99.33% respectively. These results highlight the superiority of combining deep learning and traditional machine learning techniques over individual models and significantly improve classification accuracy. This integrated method provides a very important strategy for developing high-performance models for various applications.
Keywords : Kötü amaçlı yazılım tespiti, makine öğrenmesi, derin öğrenme, XGBoost