O
Orclever
Back to Journal
Research Article Open AccessOrclever Native

DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis

ilker Kara1
1Department of Medical Services and Techniques, Eldivan Medical Services Vocational School Çankırı, Karatekin University
Received:Aug 3, 2025Accepted:Sep 10, 2025Published:September 17, 2025
DOI: 10.56038/ejrnd.v5i1.655
Vol. 5, No. 1
1 Views2 Downloads0 Cited by
AI SummaryAI-generated · verify against the full text

A new framework called DroidDissection helps detect Android malware, particularly those targeting banking transactions, by combining static and dynamic analysis.

DroidDissection is a tool designed to identify Android malware, focusing on threats related to banking transactions. It combines two methods: analyzing the app's code and permissions before it runs, and observing its behavior while it's running. This hybrid approach was tested on a real malware sample and found to be more accurate than using either method alone.

Abstract

The Android operating system dominates the mobile ecosystem due to its flexibility, large application market, and open-source architecture. However, these same characteristics make Android an attractive platform for attackers who distribute malicious applications, particularly those designed to intercept banking transactions and steal confidential information. Existing security mechanisms mostly rely on either static or dynamic inspection, and these isolated techniques often fail to reveal concealed or runtime-triggered malicious behavior.

In this study, we present DroidDissection, a framework designed specifically for Android malware detection with an emphasis on banking-related threats. The framework combines static code and permission inspection with controlled dynamic execution, enabling deeper observation of behavior that only emerges during runtime. A real malware sample was examined to validate the approach. The experimental results show that the hybrid inspection strategy increases the accuracy of malware identification and helps uncover behaviors that traditional individual methods may overlook. These findings indicate that the proposed framework can strengthen defense mechanisms against evolving cyber threats targeting Android devices.

Keywords
Android Malware DetectionBanking MalwareHybrid AnalysisStatic and Dynamic AnalysisMobile SecurityCyber ThreatsThreat Intelligence

References

  1. 1.References
  2. 2.Albakri, A., Fatima, H., Mohammed, M., Ahmed, A., Ali, A., Ali, A., Elzein, N. M. (2022). Survey on reverse-engineering tools for Android mobile devices. Mathematical Problems in Engineering, 2022, Article 4908134.
  3. 3.Sharma, T., Rattan, D. (2021). Malicious application detection in Android: A systematic literature review. Computer Science Review, 40, 100373.
  4. 4.Zaidi, S. F. A., Shah, M. A., Kamran, M., Javaid, Q., Zhang, S. (2016). A survey on security for smartphone device. International Journal of Advanced Computer Science and Applications, 7(4), 1-7.
  5. 5.Muzaffar, A., Hassen, H. R., Lones, M. A., Zantout, H. (2022). An in-depth review of machine learning based Android malware detection. Computers Security.
  6. 6.He, D., Chan, S., Guizani, M. (2015). Mobile application security: Malware threats and defenses. IEEE Wireless Communications, 22(1), 138-144.
  7. 7.Kara, I. (2022). Fileless malware threats: Recent advances, analysis approach through memory forensics and research challenges. Expert Systems with Applications.
  8. 8.Statista. (2022). Global market share held by mobile operating systems since 2009. Retrieved from https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009/ (https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009/)Link
  9. 9.Zhou, Y., Wang, Z., Zhou, W., Jiang, X. (2012, February). Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets. In NDSS Symposium*(pp. 50–52).
  10. 10.Zimba, A. (2022). A Bayesian attack-network modeling approach to mitigating malware-based banking cyberattacks. International Journal of Computer Network & Information Security, 14(1).
  11. 11.Moret, J. D., Todd, A., Rose, L., Pollitt, E., Anderson, J. (2022). Mobile phone apps for intimate partner and sexual violence prevention and response: Systematic search on app stores. JMIR Formative Research, 6(2), e28959.
  12. 12.Conti, M., Losiouk, E., Poovendran, R., Spolaor, R. (2022). Side-channel attacks on mobile and IoT devices for cyber-physical systems. Computer Networks.
  13. 13.Sihwail, R., Omar, K., Zainol Ariffin, K. A., & Al Afghani, S. (2019). Malware detection approach based on artifacts in memory image and dynamic analysis. Applied Sciences, 9(18), 3680.
  14. 14.Arif, J. M., Ab Razak, M. F., Mat, S. R. T., Awang, S., Ismail, N. S. N., Firdaus, A. (2021). Android mobile malware detection using fuzzy AHP. Journal of Information Security and Applications, 61, 102929.
  15. 15.Jacob, G., Debar, H., Filiol, E. (2008). Behavioral detection of malware: From a survey towards an established taxonomy. Journal in Computer Virology, 4(3), 251-266.
  16. 16.Enck, W., Ongtang, M., McDaniel, P. (2009). Understanding Android security. IEEE Security & Privacy, 7(1), 50-57.
  17. 17.Barrera, D., Kayacik, H. G., Van Oorschot, P. C., Somayaji, A. (2010, October). A methodology for empirical analysis of permission-based security models and its application to Android. In Proceedings of the 17th ACM Conference on Computer and Communications Security (pp. 73-84).
  18. 18.Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X. (2012, June). RiskRanker: Scalable and accurate zero-day Android malware detection. In Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (pp. 281-294).
  19. 19.Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y. (2012). “Andromaly”: A behavioral malware detection framework for Android devices. Journal of Intelligent Information Systems, 38(1), 161.
  20. 20.Yan, L. K., Yin, H. (2012). DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In USENIX Security Symposium (pp. 569–584).
  21. 21.Deshotels, L., Notani, V., Lakhotia, A. (2014, January). DroidLegacy: Automated familial classification of Android malware. In Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014 (pp. 1-12).
  22. 22.Wu, D. J., Mao, C. H., Wei, T. E., Lee, H. M., Wu, K. P. (2012, August). DroidMat: Android malware detection through manifest and API calls tracing. In 2012 Seventh Asia Joint Conference on Information Security (pp. 62-69).
  23. 23.Burguera, I., Zurutuza, U., Nadjm-Tehrani, S. (2011, October). Crowdroid: Behavior-based malware detection system for Android. In Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (pp. 15-26).
  24. 24.Suarez-Tangil, G., Tapiador, J. E., Peris-Lopez, P., Ribagorda, A. (2013). Evolution, detection and analysis of malware for smart devices. IEEE Communications Surveys & Tutorials, 16(2), 961-987.
  25. 25.Ayed, A. B. (2015). A literature review on Android permission system. International Journal of Advanced Research in Computer Engineering & Technology, 4(4).
  26. 26.Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., & Molloy, I. (2012, October). Using probabilistic generative models for ranking risks of Android apps. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (pp. 241–252).
  27. 27.Neugschwandtner, M., Comparetti, P. M., Jacob, G., Kruegel, C. (2011, December). Forecast: Skimming off the malware cream. In Proceedings of the 27th Annual Computer Security Applications Conference (pp. 11–20).
  28. 28.Yunus, Y. K. B. M., Ngah, S. B. (2020, February). Review of hybrid analysis technique for malware detection. In IOP Conference Series: Materials Science and Engineering, 769(1), 012075.
  29. 29.Kara, I. (2019). A basic malware analysis method. Computer Fraud & Security, 2019 (6), 11–19.
  30. 30.Kara, I., & Aydos, M. (2022). The rise of ransomware: Forensic analysis for Windows-based ransomware attacks. Expert Systems with Applications, 190, 116198.
Download PDF
Cite This Article
Kara, i. (2025). DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis. *The European Journal of Research and Development*, 5(1), 130-148. https://doi.org/10.56038/ejrnd.v5i1.655

Bibliographic Info

JournalThe European Journal of Research and Development
Volume5
Issue1
Pages130–148
PublishedSeptember 17, 2025
eISSN2822-2296

Indexing & License

Open AccessCC BY 4.0CrossRef DOIORCIDOAI-PMH

More from The European Journal of Research and Development

Challenges in Maize Root Phenotyping: Preprocessing Limits and Class Imbalance in Deep Learning

Hüdanur Engin, Ali Murat Tiryaki

2026 · Vol 6 · Issue 1

The Bleaching of Woven Fabrics Using the Foam Application Technique

Aylin Kuşen, Onur Balcı, Koray Pektaş

2026 · Vol 6 · Issue 1

Automated Monkeypox Disease Classification Using Texture and Focus-Based Image Features

Tuğba Şentürk, Çiğdem Gülüzar Altıntop, Fatma Latifoğlu

2026 · Vol 6 · Issue 1

EEG-Based Assessment of Stress Levels Using Time–Frequency Features and Machine Learning

Sevde Samsa, Çiğdem Gülüzar Altıntop

2026 · Vol 6 · Issue 1

A Compact Non-Intrusive Measurement System for Critical Dimensions and Calibration Chart Generation of Underground Fuel Tanks

İlker Değirmencioğlu, Savaş Barış, Yusuf Kaya

2025 · Vol 5 · Issue 1

An AI-Based Question–Answering System for Corporate Documents: VK ArtiFin

Zeynep Örpek, Büşra Tural, Zeynep Destan

2025 · Vol 5 · Issue 1

Browse all articles in The European Journal of Research and Development