Towards Robust Android Malware Detection: A Hybrid SVM-MLP Framework

Abstract

The rapid proliferation of Android devices has made them a primary target for cybercriminals, leading to a surge in sophisticated mobile malware threats. Traditional signature-based detection methods often fail to detect novel or obfuscated malware variants, such as zero-day attacks, necessitating more intelligent and adaptive solutions. In this context, the present study proposes a hybrid machine learning framework that integrates Support Vector Machines (SVM) and Multi-Layer Perceptrons (MLP) to detect Android malware effectively. The model leverages advanced data preprocessing techniques, including handling missing values and categorical encoding, followed by dimensionality reduction through Principal Component Analysis (PCA). This facilitates efficient learning while reducing model complexity and enhancing generalisation capabilities. The proposed system is evaluated on a publicly available Android malware dataset sourced from Kaggle. Performance is assessed using standard metrics such as accuracy, precision, recall, F1-score, specificity, and the Area Under the Curve (AUC). The hybrid SVM-MLP model achieves a remarkable detection accuracy of 98.99% and an AUC of 99.83%, significantly outperforming conventional standalone classifiers and existing benchmark models. Moreover, the system demonstrates resilience in classifying both benign and malicious applications with high precision, showcasing its practical utility in real-world mobile security applications. This research contributes to the growing body of work aimed at enhancing Android security through machine learning. The results suggest that hybrid models combining different classification strategies can provide more robust and scalable solutions for malware detection, especially in the evolving landscape of mobile and IoT-based ecosystems.