The rapid growth of Android devices has led to a significant increase in malware targeting mobile platforms, posing serious risks to user privacy and system security. Existing machine learning-based detection approaches often suffer from feature redundancy, limited automation, and reduced effectiveness in identifying previously unseen threats.
This paper proposes a hybrid machine learning framework for real-time pre-installation Android malware detection using static analysis. The system integrates automated APK analysis using the SISIK tool, Genetic Algorithm (GA)-based feature selection for dimensionality reduction, and classification using Support Vector Machine (SVM) and Random Forest (RF). In addition, Maximum Mean Discrepancy (MMD) is incorporated to capture distributional differences between benign and malicious applications. Experimental evaluation on publicly available Android malware datasets demonstrates that the proposed approach achieves an accuracy of approximately 95%, outperforming baseline models. The results highlight the effectiveness of combining feature optimization and distribution-aware analysis for improved detection performance.
The main contributions of this work include an automated analysis pipeline, an adaptive feature selection mechanism, and a hybrid detection framework capable of identifying both known and unknown malware patterns in a pre-installation setting.
Keywords: Android Malware Security, Real-time Detection, Security Violations, Machine Learning, Smart Devices
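
To illustrate the distribution-aware idea in the abstract, the following added example (not code from the paper) computes a biased squared-MMD estimate between benign and malicious static-feature vectors. The Gaussian kernel, the bandwidth `gamma`, the four permission columns, the sample rows and the `closer_class` helper are all assumptions made for illustration; the abstract does not state how MMD is computed or used.

```python
import math
from itertools import product

# Constructed sample data: each row is a binary static-feature vector.
# Assumed columns: INTERNET, READ_SMS, SEND_SMS, RECEIVE_BOOT_COMPLETED.
BENIGN = [(1, 0, 0, 0), (1, 0, 0, 1), (0, 0, 0, 0), (1, 0, 0, 0)]
MALICIOUS = [(1, 1, 1, 1), (1, 1, 1, 0), (1, 1, 0, 1), (1, 0, 1, 1)]


def rbf(x, y, gamma=0.5):
    """Gaussian kernel k(x, y) = exp(-gamma * ||x - y||^2)."""
    return math.exp(-gamma * sum((a - b) ** 2 for a, b in zip(x, y)))


def mean_kernel(xs, ys, gamma):
    """Average kernel value over all pairs drawn from xs and ys."""
    total = sum(rbf(x, y, gamma) for x, y in product(xs, ys))
    return total / (len(xs) * len(ys))


def mmd2(xs, ys, gamma=0.5):
    """Biased squared MMD: E[k(x,x')] + E[k(y,y')] - 2*E[k(x,y)]."""
    return (mean_kernel(xs, xs, gamma) + mean_kernel(ys, ys, gamma)
            - 2 * mean_kernel(xs, ys, gamma))


def closer_class(sample, gamma=0.5):
    """Hypothetical helper: label a vector by the reference set it is nearer to."""
    d_benign = mmd2([sample], BENIGN, gamma)
    d_malicious = mmd2([sample], MALICIOUS, gamma)
    return "malicious" if d_malicious < d_benign else "benign"


if __name__ == "__main__":
    # A large value means the two feature distributions differ.
    print(f"MMD^2(benign, malicious) = {mmd2(BENIGN, MALICIOUS):.4f}")
    # Comparing a set with itself gives zero.
    print(f"MMD^2(benign, benign)    = {mmd2(BENIGN, BENIGN):.4f}")
    print(closer_class((1, 1, 1, 1)), closer_class((1, 0, 0, 0)))
```
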