Online Learning-Based Android Malware Detection Using API Call Graphs and Drift Detection: A Comparative Study

Authors

  • Mohammed Daawar Hussain, Heriot-Watt University
  • Ali Muzaffar, Heriot-Watt University

DOI:

https://doi.org/10.1609/aaaiss.v6i1.36036

Abstract

The rapid growth and complexity of Android applications have made the platform a serious target for cybercriminals, posing substantial risks to mobile security and user data. Traditional malware detection models, although they have shown promise, can hardly be applied at run-time since they cannot adapt quickly enough to new malware variants and evolving attack methods. Such models, trained on preexisting data, suffer from performance degradation due to concept drift, where data distributions change over time as malware evolves. This paper presents an Online Learning-Based Android Malware Detection framework that systematically pairs various drift detection algorithms—such as ADWIN, DDM, and EDDM—with various machine learning models to identify the most effective combinations for maintaining detection accuracy in real-time. Our best-performing model achieved an accuracy of up to 96.01%.

Published

2025-08-01

How to Cite

Daawar Hussain, M., & Muzaffar, A. (2025). Online Learning-Based Android Malware Detection Using API Call Graphs and Drift Detection: A Comparative Study. Proceedings of the AAAI Symposium Series, 6(1), 87–89. https://doi.org/10.1609/aaaiss.v6i1.36036

Section

Context-Awareness in Cyber-Physical Systems