IECE Transactions on Advanced Computing and Systems Home About Editors Current Issue
-
CiteScore
-
Impact Factor
  1. Home
  2. Journals
  3. IECE Transactions on Advanced Computing and Systems
  4. Volume 1, Issue 1
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
Research Article | Published: 29 March 2025
IECE Transactions on Advanced Computing and Systems Volume 1, Issue 1, 2025: 32-47
Volume 1, Issue 1, IECE Transactions on Advanced Computing and Systems
Volume 1, Issue 1, 2025
Submit Manuscript Edit a Special Issue
Academic Editor
Deepak Adhikari
Deepak Adhikari
University of Electronic Science and Technology of China, China
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Research on A Ship Trajectory Classification Method Based on Deep Learning YOLOv7-Bw: A Dense Small Object Efficient Detector Based on Remote Sensing Image A Mimic Fusion Algorithm for Dual Channel Video Based on Possibility Distribution Synthesis Theory Deep Prediction Network Based on Covariance Intersection Fusion for Sensor Data Bridging Modalities: A Survey of Cross-Modal Image-Text Retrieval Visual Feature Extraction and Tracking Method Based on Corner Flow Detection Inaugural Editorial of the Chinese Journal of Information Fusion Simultaneous Spatiotemporal Bias Compensation and Data Fusion for Asynchronous Multisensor Systems YOLOv8-Lite: A Lightweight Object Detection Model for Real-time Autonomous Driving Systems Extraction of Motion Information from Occupancy Grid Map Using Keystone Transform
IECE Transactions on Advanced Computing and Systems, Volume 1, Issue 1, 2025: 32-47

Open Access | Research Article | 29 March 2025
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
by
Inam Ullah Khan Inam Ullah Khan 1
Asim Zeb Asim Zeb 2 *
Taj Rahman Taj Rahman 1
Fida Muhammad Khan Fida Muhammad Khan 1
Zeeshan Ali Haider Zeeshan Ali Haider 1
Hazrat Bilal Hazrat Bilal 3,4
1 Department of Computer Science, Qurtuba University of Science & Information Technology, 25000 Peshawar, Pakistan
2 Department of Computer Science, Abbottabad University of Science and Technology, Abbottabad 22010, Pakistan
3 College of Mechatronics and Control Engineering, Shenzhen University, Shenzhen 518060, China
4 College of Computer Science and Software Engineering, Shenzhen University, Shenzhen 518060, China
* Corresponding Author: Asim Zeb, [email protected]
DOI: 10.62762/TACS.2024.521915
Received: 06 December 2024, Accepted: 10 March 2025, Published: 29 March 2025  
   PDF  (1.10 MB) Full-Text HTML XML
Article Metrics Cite This Article
Abstract
This paper introduces ViTDroid, a novel hybrid model that combines Vision Transformers (ViTs) and recurrent neural networks (RNNs) to enhance Android and IoT malware detection. ViTDroid addresses critical challenges by leveraging ViTs to capture global spatial dependencies and RNNs (LSTM and GRU) to model temporal patterns, enabling comprehensive analysis of complex malware behaviors. Additionally, the model integrates explainability tools, such as LIME and SHAP, to enhance transparency and trustworthiness, essential for real-world cybersecurity applications. The study evaluates ViTDroid's performance against conventional models, including RNN, LSTM, and GRU, using accuracy, precision, recall, and F1 score as evaluation metrics. Results demonstrate that ViTDroid achieves superior performance with an accuracy of 99.1% for Android malware and 98% for IoT malware. Precision and recall values reach 0.99 and 0.98, respectively, for Android, and 0.97 and 0.98 for IoT, with F1 scores of 0.99 for Android and 0.97 for IoT. These findings underscore ViTDroid's potential as a robust, efficient, and explainable solution to combat evolving threats in mobile and IoT ecosystems, paving the way for future advancements in malware detection systems.
Graphical Abstract
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
Keywords
Android malware
IoT malware
RNN
LSTM
GRU
ViTDroid
hybrid models
malware detection
deep learning
Data Availability Statement
Data will be made available on request.
Funding
This work was supported without any funding.
Conflicts of Interest
The authors declare no conflicts of interest.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Sutter, T., Kehrer, T., Rennhard, M., Tellenbach, B., & Klein, J. (2024). Dynamic security analysis on android: A systematic literature review. IEEE Access.
    [CrossRef]   [Google Scholar]
  2. Khokhlov, I., & Reznik, L. (2017, April). Data security evaluation for mobile android devices. In 2017 20th Conference of Open Innovations Association (FRUCT) (pp. 154-160). IEEE.
    [CrossRef]   [Google Scholar]
  3. Kilani, R., & Jensen, K. (2013). Mobile authentication with NFC enabled smartphones. Technical Report Electronics and Computer Engineering, 2(14).
    [Google Scholar]
  4. Qamar, A., Karim, A., & Chang, V. (2019). Mobile malware attacks: Review, taxonomy & future directions. Future Generation Computer Systems, 97, 887-909.
    [CrossRef]   [Google Scholar]
  5. Keteku, J., Dameh, G. O., Mante, S. A., Mensah, T. K., Amartey, S. L., & Diekuu, J. B. (2024). Detection and Prevention of Malware in Android Mobile Devices: A Literature Review. International Journal of Intelligence Science, 14(4), 71-93.
    [Google Scholar]
  6. Gamba, J., Rashed, M., Razaghpanah, A., Tapiador, J., & Vallina-Rodriguez, N. (2020, May). An analysis of pre-installed android software. In 2020 IEEE symposium on security and privacy (SP) (pp. 1039-1055). IEEE.
    [Google Scholar]
  7. Ali, A. A., & H Abdul-Qawy, A. S. (2021). Static analysis of malware in android-based platforms: a progress study. International Journal of Computing and Digital Systems, 10(1), 321-331.
    [Google Scholar]
  8. Halim, M. A., Abdullah, A., & Ariffin, K. A. Z. (2019). Recurrent neural network for malware detection. Int. J. Advance Soft Compu. Appl, 11(1), 43-63.
    [Google Scholar]
  9. Rhode, M., Burnap, P., & Jones, K. (2018). Early-stage malware prediction using recurrent neural networks. Computers & security, 77, 578-594.
    [CrossRef]   [Google Scholar]
  10. Owoh, N., Adejoh, J., Hosseinzadeh, S., Ashawa, M., Osamor, J., & Qureshi, A. (2024). Malware Detection Based on API Call Sequence Analysis: A Gated Recurrent Unit--Generative Adversarial Network Model Approach. Future Internet, 16(10), 369.
    [CrossRef]   [Google Scholar]
  11. Sun, G., & Qian, Q. (2018). Deep learning and visualization for identifying malware families. IEEE Transactions on Dependable and Secure Computing, 18(1), 283-295.
    [CrossRef]   [Google Scholar]
  12. Muhuri, P. S., Chatterjee, P., Yuan, X., Roy, K., & Esterline, A. (2020). Using a long short-term memory recurrent neural network (LSTM-RNN) to classify network attacks. Information, 11(5), 243.
    [CrossRef]   [Google Scholar]
  13. Seneviratne, S., Shariffdeen, R., Rasnayaka, S., & Kasthuriarachchi, N. (2022). Self-supervised vision transformers for malware detection. IEEE Access, 10, 103121-103135.
    [CrossRef]   [Google Scholar]
  14. Syed, T. A., Nauman, M., Khan, S., Jan, S., & Zuhairi, M. F. (2024). ViTDroid: Vision Transformers for Efficient, Explainable Attention to Malicious Behavior in Android Binaries. Sensors, 24(20), 6690.
    [CrossRef]   [Google Scholar]
  15. Moore, S. R., Ge, H., Li, N., & Proctor, R. W. (2019). Cybersecurity for android applications: Permissions in android 5 and 6. International Journal of Human--Computer Interaction, 35(7), 630-640.
    [CrossRef]   [Google Scholar]
  16. Alamro, H., Mtouaa, W., Aljameel, S., Salama, A. S., Hamza, M. A., & Othman, A. Y. (2023). Automated android malware detection using optimal ensemble learning approach for cybersecurity. IEEE Access, 11, 72509-72517.
    [CrossRef]   [Google Scholar]
  17. Wright, J., Dawson Jr, M. E., & Omar, M. (2012). Cyber security and mobile threats: The need for antivirus applications for smart phones. Journal of Information Systems Technology and Planning, 5(14), 40-60.
    [Google Scholar]
  18. Albakri, A., Alhayan, F., Alturki, N., Ahamed, S., & Shamsudheen, S. (2023). Metaheuristics with deep learning model for cybersecurity and Android malware detection and classification. Applied Sciences, 13(4), 2172.
    [CrossRef]   [Google Scholar]
  19. Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., & Nurse, J. R. (2016, November). Towards IoT cybersecurity modeling: From malware analysis data to IoT system representation. In 2016 8th IEEE Latin-American Conference on Communications (LATINCOM) (pp. 1-6). IEEE.
    [CrossRef]   [Google Scholar]
  20. Khan, I. U., Khan, Z. A., Ahmad, M., Khan, A. H., Muahmmad, F., Imran, A., \ldots & Hamid, M. K. (2023, May). Machine Learning Techniques for Permission-based Malware Detection in Android Applications. In 2023 9th International Conference on Information Technology Trends (ITT) (pp. 7-13). IEEE.
    [Google Scholar]
  21. Shiri, F. M., Perumal, T., Mustapha, N., & Mohamed, R. (2023). A comprehensive overview and comparative analysis on deep learning models: CNN, RNN, LSTM, GRU. arXiv preprint arXiv:2305.17473.
    [Google Scholar]
  22. Adhikari, D., Ullah, I., Syed, I., & Choi, C. (2023). Phishing Detection in the Internet of Things for Cybersecurity. In Cybersecurity Management in Education Technologies (pp. 86-106). CRC Press.
    [Google Scholar]
  23. Taher, F., AlFandi, O., Al-kfairy, M., Al Hamadi, H., & Alrabaee, S. (2023). DroidDetectMW: a hybrid intelligent model for android malware detection. Applied Sciences, 13(13), 7720.
    [CrossRef]   [Google Scholar]
  24. Hamza, A. A., Abdel Halim, I. T., Sobh, M. A., & Bahaa-Eldin, A. M. (2022). HSAS-MD analyzer: a hybrid security analysis system using model-checking technique and deep learning for malware detection in IoT apps. Sensors, 22(3), 1079.
    [CrossRef]   [Google Scholar]
  25. Rodrigo, C., Pierre, S., Beaubrun, R., & El Khoury, F. (2021). BrainShield: a hybrid machine learning-based malware detection model for android devices. Electronics, 10(23), 2948.
    [CrossRef]   [Google Scholar]
  26. Ahmad, I., Wan, Z., Ahmad, A., & Ullah, S. S. (2024). A Hybrid Optimization Model for Efficient Detection and Classification of Malware in the Internet of Things. Mathematics, 12(10), 1437.
    [CrossRef]   [Google Scholar]
  27. Kumar, R., Zhang, X., Wang, W., Khan, R. U., Kumar, J., & Sharif, A. (2019). A multimodal malware detection technique for Android IoT devices using various features. IEEE access, 7, 64411-64430.
    [CrossRef]   [Google Scholar]
  28. Ren, Z., Wu, H., Ning, Q., Hussain, I., & Chen, B. (2020). End-to-end malware detection for android IoT devices using deep learning. Ad Hoc Networks, 101, 102098.
    [CrossRef]   [Google Scholar]
  29. Alasmary, H., Anwar, A., Park, J., Choi, J., Nyang, D., & Mohaisen, A. (2018). Graph-based comparison of IoT and android malware. In Computational Data and Social Networks: 7th International Conference, CSoNet 2018, Shanghai, China, December 18--20, 2018, Proceedings 7 (pp. 259-272). Springer International Publishing.
    [Google Scholar]
  30. Ngo, Q. D., Nguyen, H. T., Le, V. H., & Nguyen, D. H. (2020). A survey of IoT malware and detection methods based on static features. ICT express, 6(4), 280-286.
    [CrossRef]   [Google Scholar]
  31. Ham, H. S., Kim, H. H., Kim, M. S., & Choi, M. J. (2014). Linear SVM‐based android malware detection for reliable IoT services. Journal of Applied Mathematics, 2014(1), 594501.
    [CrossRef]   [Google Scholar]
  32. Liu, X., Du, X., Zhang, X., Zhu, Q., Wang, H., & Guizani, M. (2019). Adversarial samples on android malware detection systems for IoT systems. Sensors, 19(4), 974.
    [CrossRef]   [Google Scholar]
  33. Ren, Z., Wu, H., Ning, Q., Hussain, I., & Chen, B. (2020). End-to-end malware detection for android IoT devices using deep learning. Ad Hoc Networks, 101, 102098.
    [CrossRef]   [Google Scholar]
  34. Anwar, M. S., Alhalabi, W., Choi, A., Ullah, I., & Alhudali, A. (2024). Internet of metaverse things (IoMT): Applications, technology challenges and security consideration. In Future Communication Systems Using Artificial Intelligence, Internet of Things and Data Science (pp. 133-158). CRC Press.
    [Google Scholar]
  35. Ksibi, A., Zakariah, M., Almuqren, L., & Alluhaidan, A. S. (2024). Efficient android malware identification with limited training data utilizing multiple convolution neural network techniques. Engineering Applications of Artificial Intelligence, 127, 107390.
    [CrossRef]   [Google Scholar]
  36. Gong, R. H., Zulkernine, M., & Abolmaesumi, P. (2005, May). A software implementation of a genetic algorithm based approach to network intrusion detection. In Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Network (pp. 246-253). IEEE.
    [Google Scholar]
  37. Hammood, L., Doğru, İ. A., & Kılıç, K. (2023). Machine learning-based adaptive genetic algorithm for android malware detection in auto-driving vehicles. Applied Sciences, 13(9), 5403.
    [CrossRef]   [Google Scholar]
  38. Uysal, I., & Kose, U. (2024, October). Analysis of Network Intrusion Detection via Explainable Artificial Intelligence: Applications with SHAP and LIME. In 2024 Cyber Awareness and Research Symposium (CARS) (pp. 1-6). IEEE.
    [Google Scholar]
  39. Basheer, N., Pranggono, B., Islam, S., Papastergiou, S., & Mouratidis, H. (2024, June). Enhancing malware detection through machine learning using XAI with SHAP framework. In IFIP International Conference on Artificial Intelligence Applications and Innovations (pp. 316-329). Cham: Springer Nature Switzerland.
    [Google Scholar]
  40. García, D. E., DeCastro-García, N., & Castañeda, A. L. M. (2023). An effectiveness analysis of transfer learning for the concept drift problem in malware detection. Expert systems with Applications, 212, 118724.
    [CrossRef]   [Google Scholar]
  41. Wong, W. K., Juwono, F. H., & Apriono, C. (2021). Vision-based malware detection: A transfer learning approach using optimal ecoc-svm configuration. Ieee Access, 9, 159262-159270.
    [CrossRef]   [Google Scholar]
  42. Raza, A., Qaisar, Z. H., Aslam, N., Faheem, M., Ashraf, M. W., & Chaudhry, M. N. (2024). TL‐GNN: Android Malware Detection Using Transfer Learning. Applied AI Letters, 5(3), e94.
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Khan, U. I., Zeb, A., Rahman, T., Khan, F. M., Haider, Z. A., & Bilal, H. (2025). ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection. IECE Transactions on Advanced Computing and Systems, 1(1), 32–47. https://doi.org/10.62762/TACS.2024.521915
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 53
PDF Downloads: 7
Publisher's Note
IECE stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
CC BY Copyright © 2025 by the Author(s). Published by Institute of Emerging and Computer Engineers. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made.
IECE Transactions on Advanced Computing and Systems

IECE Transactions on Advanced Computing and Systems

ISSN: request pending (Online) | ISSN: request pending (Print)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/iece/

Copyright © 2025 Institute of Emerging and Computer Engineers Inc.