Abstract

This study focuses on the rapidly increasing frequency of smartphone malware attacks since2019. Most users have relied on smartphones as they are a rich source of valuable information (for example, in finance, privacy, and other fields). Analytic researchers focus on detecting smartphones weaknesses, finding malware, patterns of attacks, and other issues. Smartphones are now the most popular portable devices with advanced sensing capabilities, computing power, and networking capabilities. With such high growth in usage, the volume and types of threats are also growing exponentially. Machine learning techniques are the current methods to model a pattern of both the static and dynamic mobile malware behaviors. Detection methods for mobile malware exist, although they are still limited and incomplete. This study focuses on Android and iOS Operating Systems (OS), which dominate the mobile device industry with a 90 percent market share. This research used two datasets. One dataset contained devices and malware data from log files successfully encoded using a Unicode format with 470 features and 4430observations. The second dataset included 470 features and 8000 observations, which helped create multiple mobile malware detection methods. Additionally, using this dataset, this study examined which parts of a device were the most effective in detecting mobile malware. The study assesses the following Ensemble and Deep Learning models' performance metrics: Random Forest, Artificial Neural Network (ANN), TensorFlow, and Adaboost. Furthermore, the researcher assessed classifiers' performances when one model is trained for all subtypes of mobile Malware in Android and when other models are trained in a different OS. In this research, the Ensemble Model's first data set achieved an F1-score of 0.98 (or 98%), and the deep Learning Model achieved an F1-score of 0.93 (or 93%). Using the second data set, the ensemble Model achieved, on a weighted average, an F1-score of 0.68 (68%), while the Deep Learning Model earned, on a weighted average, an F1-score of 0.75 (75%). Moreover, the researcher examined the different detection methods' usabilities by assessing multiple metrics such as model size and training data. Finally, after the researcher evaluated the model's performance using metrics like accuracy and F1, this study accepted the hypothesis.