Development of Anti-Malware System for Android Applications | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Article Development of Anti-Malware System for Android Applications Ahmed M. Saeed, Sameh A. Salem, Shahira M. Habashy, Hadeer A. Hassan This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-4707802/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract The huge popularity of mobile applications based on Android has led to a rise in malicious software development and distribution which is intended to target and compromise the android mobile devices. Consequently, this paper introduces a new detection system for identifying malicious behavior in Android applications, which consists of three main phases. The first phase employs mRMR (Minimum Redundancy Maximum Relevance) methods for feature selection, aiming to seek and determine the most efficient and effective subset of features from the overall feature space. This process involves utilizing multiple mRMR algorithms to recognize the most relevant features related to the target class while addressing any redundancy among the selected features. In the second phase, vector quantization is utilized to create a codebook vector. This codebook vector compresses the training subset samples from the dataset by incorporating the most effective features identified in phase one. Two codebook vectors are used in this phase: one representing the benign samples and the other representing the malware samples. Finally, in the third phase, the Attribute-Biased Classifier (ABC) is utilized for the classification task. This classifier takes the codebook vectors generated in the previous phases as input and accurately identifies the Android applications under test. Furthermore, a real-world dataset including both malicious and benign (non-malicious) Android applications is used to train and test the proposed system. The results show that the system is highly effective, robust, and efficient in distinguishing between malicious and benign applications, achieving an impressive accuracy of 98.8%. Additionally, it attained an AUC of 98.8% and F1-score of 98.8% and required only 𝟑×𝟏𝟎−𝟓 seconds per Android sample for testing. Additionally, the new detection system is compared with existing algorithms, demonstrating superior results in both accuracy and F1-score. Physical sciences/Engineering Physical sciences/Mathematics and computing/Computer science Physical sciences/Mathematics and computing/Information technology Physical sciences/Mathematics and computing/Software Full Text Additional Declarations No competing interests reported. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-4707802","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Article","associatedPublications":[],"authors":[{"id":334371691,"identity":"014e813e-fcdf-400b-8cee-9f105b7b2cf9","order_by":0,"name":"Ahmed M. Saeed","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAABa0lEQVRIie2RQUvCYBiAXxHy8pnXheD+wsZgFpT1U3wRPDkJBhJoaxDoIcGrUeBf2BDWscUH85DhdbAgoeuEQZcgWH2bMyoiOwbtgW97vrGH9xsDSEn5i3BsEbYESIQhPi7vbDtfmrAukaT3pPrLRC7+lBQuznDug1Uq524j0fhC7tRqH8Jukz/I38yxW2kCe8LB0fFqyP3dWLwET9rpK5FQ8bzvtLwh1FXR3qwJ2K2pQJwWB9PJaoyrWEUCHhp2LHbGcBuylw8pmjqRObSyqHMNmct0naTgXeXqJU5mi0i0/esHX1YJvEZJ+RmtE9R5nyXhKhHYlGycLCWLBkdkJjaOgMiAFmVT2LiM3kkS0VXGW9G3CO4iElobTusqO2ENjSyROAwn2CV1dbvq2ElSchUz8MErCbNYtL1Bj5pPBCo46vXFIJi2cZCjpht0tI//JhN+lfjMNJGN6FIFCmvh9c977du3UlJSUv4BbwKxjlId3UEGAAAAAElFTkSuQmCC","orcid":"","institution":"Helwan University","correspondingAuthor":true,"prefix":"","firstName":"Ahmed","middleName":"M.","lastName":"Saeed","suffix":""},{"id":334371695,"identity":"677db900-2d32-4849-aa49-0e79ad529cbb","order_by":1,"name":"Sameh A. Salem","email":"","orcid":"","institution":"Helwan University","correspondingAuthor":false,"prefix":"","firstName":"Sameh","middleName":"A.","lastName":"Salem","suffix":""},{"id":334371696,"identity":"010b81f0-43ec-417a-a4ed-9b2551e5005c","order_by":2,"name":"Shahira M. Habashy","email":"","orcid":"","institution":"Helwan University","correspondingAuthor":false,"prefix":"","firstName":"Shahira","middleName":"M.","lastName":"Habashy","suffix":""},{"id":334371697,"identity":"93f2eb09-691c-46ab-977b-c80f1b5b7b61","order_by":3,"name":"Hadeer A. Hassan","email":"","orcid":"","institution":"Helwan University","correspondingAuthor":false,"prefix":"","firstName":"Hadeer","middleName":"A.","lastName":"Hassan","suffix":""}],"badges":[],"createdAt":"2024-07-08 20:31:59","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-4707802/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-4707802/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":66181950,"identity":"5a841f50-5208-455a-8c9a-6855fb739a09","added_by":"auto","created_at":"2024-10-08 12:39:07","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":2197411,"visible":true,"origin":"","legend":"","description":"","filename":"Manuscript.pdf","url":"https://assets-eu.researchsquare.com/files/rs-4707802/v1_covered_5aac851e-4c79-43ba-9753-d531f304185f.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Development of Anti-Malware System for Android Applications","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"","lastPublishedDoi":"10.21203/rs.3.rs-4707802/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-4707802/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"The huge popularity of mobile applications based on Android has led to a rise in malicious software development and distribution which is intended to target and compromise the android mobile devices. Consequently, this paper introduces a new detection system for identifying malicious behavior in Android applications, which consists of three main phases. The first phase employs mRMR (Minimum Redundancy Maximum Relevance) methods for feature selection, aiming to seek and determine the most efficient and effective subset of features from the overall feature space. This process involves utilizing multiple mRMR algorithms to recognize the most relevant features related to the target class while addressing any redundancy among the selected features. In the second phase, vector quantization is utilized to create a codebook vector. This codebook vector compresses the training subset samples from the dataset by incorporating the most effective features identified in phase one. Two codebook vectors are used in this phase: one representing the benign samples and the other representing the malware samples. Finally, in the third phase, the Attribute-Biased Classifier (ABC) is utilized for the classification task. This classifier takes the codebook vectors generated in the previous phases as input and accurately identifies the Android applications under test. Furthermore, a real-world dataset including both malicious and benign (non-malicious) Android applications is used to train and test the proposed system. The results show that the system is highly effective, robust, and efficient in distinguishing between malicious and benign applications, achieving an impressive accuracy of 98.8%. Additionally, it attained an AUC of 98.8% and F1-score of 98.8% and required only 𝟑×𝟏𝟎−𝟓 seconds per Android sample for testing. Additionally, the new detection system is compared with existing algorithms, demonstrating superior results in both accuracy and F1-score.","manuscriptTitle":"Development of Anti-Malware System for Android Applications","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-08-02 13:46:47","doi":"10.21203/rs.3.rs-4707802/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"a88e082a-2041-4afc-86c5-8a5cf801985a","owner":[],"postedDate":"August 2nd, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[{"id":35410571,"name":"Physical sciences/Engineering"},{"id":35410572,"name":"Physical sciences/Mathematics and computing/Computer science"},{"id":35410573,"name":"Physical sciences/Mathematics and computing/Information technology"},{"id":35410574,"name":"Physical sciences/Mathematics and computing/Software"}],"tags":[],"updatedAt":"2024-10-08T12:38:52+00:00","versionOfRecord":[],"versionCreatedAt":"2024-08-02 13:46:47","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-4707802","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-4707802","identity":"rs-4707802","version":["v1"]},"buildId":"qtupq5eGEP_6zYnWcrvyt","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}
Text is read by the "Ask this paper" AI Q&A widget below.
Extraction quality varies by source — PMC NXML preserves structure
cleanly, OA-HTML may include some navigation residue, and OA-PDF can
have broken hyphenation. The publisher copy
(via DOI)
is the canonical version.