O
Orclever
Back to Journal
Research Article Open AccessOrclever Native

DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis

ilker Kara1
1Department of Medical Services and Techniques, Eldivan Medical Services Vocational School Çankırı, Karatekin University
Published:September 17, 2025
DOI: 10.56038/ejrnd.v5i1.655
Vol. 5, No. 1

Abstract

The Android operating system dominates the mobile ecosystem due to its flexibility, large application market, and open-source architecture. However, these same characteristics make Android an attractive platform for attackers who distribute malicious applications, particularly those designed to intercept banking transactions and steal confidential information. Existing security mechanisms mostly rely on either static or dynamic inspection, and these isolated techniques often fail to reveal concealed or runtime-triggered malicious behavior.

In this study, we present DroidDissection, a framework designed specifically for Android malware detection with an emphasis on banking-related threats. The framework combines static code and permission inspection with controlled dynamic execution, enabling deeper observation of behavior that only emerges during runtime. A real malware sample was examined to validate the approach. The experimental results show that the hybrid inspection strategy increases the accuracy of malware identification and helps uncover behaviors that traditional individual methods may overlook. These findings indicate that the proposed framework can strengthen defense mechanisms against evolving cyber threats targeting Android devices.

Keywords
Android Malware DetectionBanking MalwareHybrid AnalysisStatic and Dynamic AnalysisMobile SecurityCyber ThreatsThreat Intelligence

References

  1. 1.References
  2. 2.Albakri, A., Fatima, H., Mohammed, M., Ahmed, A., Ali, A., Ali, A., Elzein, N. M. (2022). Survey on reverse-engineering tools for Android mobile devices. Mathematical Problems in Engineering, 2022, Article 4908134.
  3. 3.Sharma, T., Rattan, D. (2021). Malicious application detection in Android: A systematic literature review. Computer Science Review, 40, 100373.
  4. 4.Zaidi, S. F. A., Shah, M. A., Kamran, M., Javaid, Q., Zhang, S. (2016). A survey on security for smartphone device. International Journal of Advanced Computer Science and Applications, 7(4), 1-7.
  5. 5.Muzaffar, A., Hassen, H. R., Lones, M. A., Zantout, H. (2022). An in-depth review of machine learning based Android malware detection. Computers Security.
  6. 6.He, D., Chan, S., Guizani, M. (2015). Mobile application security: Malware threats and defenses. IEEE Wireless Communications, 22(1), 138-144.
  7. 7.Kara, I. (2022). Fileless malware threats: Recent advances, analysis approach through memory forensics and research challenges. Expert Systems with Applications.
  8. 8.Statista. (2022). Global market share held by mobile operating systems since 2009. Retrieved from https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009/ (https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009/)Link
  9. 9.Zhou, Y., Wang, Z., Zhou, W., Jiang, X. (2012, February). Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets. In NDSS Symposium*(pp. 50–52).
  10. 10.Zimba, A. (2022). A Bayesian attack-network modeling approach to mitigating malware-based banking cyberattacks. International Journal of Computer Network & Information Security, 14(1).
  11. 11.Moret, J. D., Todd, A., Rose, L., Pollitt, E., Anderson, J. (2022). Mobile phone apps for intimate partner and sexual violence prevention and response: Systematic search on app stores. JMIR Formative Research, 6(2), e28959.
  12. 12.Conti, M., Losiouk, E., Poovendran, R., Spolaor, R. (2022). Side-channel attacks on mobile and IoT devices for cyber-physical systems. Computer Networks.
  13. 13.Sihwail, R., Omar, K., Zainol Ariffin, K. A., & Al Afghani, S. (2019). Malware detection approach based on artifacts in memory image and dynamic analysis. Applied Sciences, 9(18), 3680.
  14. 14.Arif, J. M., Ab Razak, M. F., Mat, S. R. T., Awang, S., Ismail, N. S. N., Firdaus, A. (2021). Android mobile malware detection using fuzzy AHP. Journal of Information Security and Applications, 61, 102929.
  15. 15.Jacob, G., Debar, H., Filiol, E. (2008). Behavioral detection of malware: From a survey towards an established taxonomy. Journal in Computer Virology, 4(3), 251-266.
  16. 16.Enck, W., Ongtang, M., McDaniel, P. (2009). Understanding Android security. IEEE Security & Privacy, 7(1), 50-57.
  17. 17.Barrera, D., Kayacik, H. G., Van Oorschot, P. C., Somayaji, A. (2010, October). A methodology for empirical analysis of permission-based security models and its application to Android. In Proceedings of the 17th ACM Conference on Computer and Communications Security (pp. 73-84).
  18. 18.Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X. (2012, June). RiskRanker: Scalable and accurate zero-day Android malware detection. In Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services (pp. 281-294).
  19. 19.Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y. (2012). “Andromaly”: A behavioral malware detection framework for Android devices. Journal of Intelligent Information Systems, 38(1), 161.
  20. 20.Yan, L. K., Yin, H. (2012). DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In USENIX Security Symposium (pp. 569–584).
  21. 21.Deshotels, L., Notani, V., Lakhotia, A. (2014, January). DroidLegacy: Automated familial classification of Android malware. In Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014 (pp. 1-12).
  22. 22.Wu, D. J., Mao, C. H., Wei, T. E., Lee, H. M., Wu, K. P. (2012, August). DroidMat: Android malware detection through manifest and API calls tracing. In 2012 Seventh Asia Joint Conference on Information Security (pp. 62-69).
  23. 23.Burguera, I., Zurutuza, U., Nadjm-Tehrani, S. (2011, October). Crowdroid: Behavior-based malware detection system for Android. In Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (pp. 15-26).
  24. 24.Suarez-Tangil, G., Tapiador, J. E., Peris-Lopez, P., Ribagorda, A. (2013). Evolution, detection and analysis of malware for smart devices. IEEE Communications Surveys & Tutorials, 16(2), 961-987.
  25. 25.Ayed, A. B. (2015). A literature review on Android permission system. International Journal of Advanced Research in Computer Engineering & Technology, 4(4).
  26. 26.Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., & Molloy, I. (2012, October). Using probabilistic generative models for ranking risks of Android apps. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (pp. 241–252).
  27. 27.Neugschwandtner, M., Comparetti, P. M., Jacob, G., Kruegel, C. (2011, December). Forecast: Skimming off the malware cream. In Proceedings of the 27th Annual Computer Security Applications Conference (pp. 11–20).
  28. 28.Yunus, Y. K. B. M., Ngah, S. B. (2020, February). Review of hybrid analysis technique for malware detection. In IOP Conference Series: Materials Science and Engineering, 769(1), 012075.
  29. 29.Kara, I. (2019). A basic malware analysis method. Computer Fraud & Security, 2019 (6), 11–19.
  30. 30.Kara, I., & Aydos, M. (2022). The rise of ransomware: Forensic analysis for Windows-based ransomware attacks. Expert Systems with Applications, 190, 116198.
Download PDF
Cite This Article
Kara, i. (2025). DroidDissection: A Hybrid Analysis Framework for Android Malware Detection and Analysis. *The European Journal of Research and Development*, 5(1), 130-148. https://doi.org/10.56038/ejrnd.v5i1.655

Bibliographic Info

JournalThe European Journal of Research and Development
Volume5
Issue1
Pages130–148
PublishedSeptember 17, 2025
eISSN2822-2296