DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis

İlker Kara

Abstract

The Android operating system dominates the mobile ecosystem due to its flexibility, large application market, and open-source architecture. However, these same characteristics make Android an attractive platform for attackers who distribute malicious applications, particularly those designed to intercept banking transactions and steal confidential information. Existing security mechanisms mostly rely on either static or dynamic inspection, and these isolated techniques often fail to reveal concealed or runtime-triggered malicious behavior.


In this study, we present DroidDissection, a framework designed specifically for Android malware detection with an emphasis on banking-related threats. The framework combines static code and permission inspection with controlled dynamic execution, enabling deeper observation of behavior that only emerges during runtime. A real malware sample was examined to validate the approach. The experimental results show that the hybrid inspection strategy increases the accuracy of malware identification and helps uncover behaviors that traditional individual methods may overlook. These findings indicate that the proposed framework can strengthen defense mechanisms against evolving cyber threats targeting Android devices.


How to Cite
Kara, İlker. (2025). DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis. The European Journal of Research and Development, 5(1), 130–148. https://doi.org/10.56038/ejrnd.v5i1.655