AntDroidNet Cybersecurity Model: A Hybrid Integration of Ant Colony Optimization and Deep Neural Networks for Android Malware Detection

Authors

Riyadh Rahef Nuiaa Al Ogaili, College of Computer Science and Information Technology, Wasit University, Wasit, Iraq.Follow
Osamah Adil Raheem, College of Computer Science and Information Technology, Wasit University, Wasit, Iraq.
Mohamed H Ghaleb Abdkhaleq, College of Computer Science and Information Technology, Wasit University, Wasit, Iraq.
Zaid Abdi Alkareem Alyasseri, Information Technology Research and Development Center (ITRDC), University of Kufa, Najaf, Iraq.
Zaid Abdi Alkareem Alyasseri, Information Technology Research and Development Center (ITRDC), University of Kufa, Najaf, Iraq.
Ali Hakem Alsaeedi, College of Computer Science and Information Technology, University of Al-Qadisiyah, Al-Qadisiyah, Iraq.
Yousif Raad Muhsen, Department of Civil, College of Engineering, Wasit University, Wasit, Iraq
Selvakumar Manickam, Cybersecurity Research Centre, Universiti Sains Malaysia, Penang, Malaysia

Document Type

Article

Keywords

Android Malware, Malware detection, AntDroidNet, Cybersecurity, ACO & DNN

Abstract

Malware detection is a vital problem, and efficient methods that can efficiently detect malware are needed. The increasing use of mobile computers makes malware detection a vital part of security in an era where smartphones have come to play a key role in many of our daily lives. Earlier approaches, however, suffer from high false positive rates; they are not scalable for larger databases, or they are not amenable to adapt well to novel zero-day malware. For these reasons, the demand for more sensitive and flexible detection models is high. In this study, we develop a hybrid mobile malware detection framework that leverages ant colony optimization (ACO) and deep neural networks (DNNs) to improve detection accuracy, reduce the rate of false positives, and make the model resilient to new malware. AntDroidNet is a novel ACO-enabled feature selection model that dynamically reduces the feature dimensionality by selecting single instances to include the most informative properties and avoid dimensionality. A DNN is consequently constructed to train the determined set of features, improving the identified classification performance and decreasing the number of instances with false discoveries. In this way, a self-optimizing feedback loop can iteratively improve the feature selection process given the performance of the DNN, leading to a dynamic and efficient detection model. Using the CICMalDroid2020 dataset, the proposed AntDroidNet model achieves a remarkable accuracy of 99.89% and an excellent false positive rate of only 0.13% and outperforms the classical machine learning algorithms in terms of accuracy and efficiency. AntDroidNet is a scalable and powerful mobile malware detection model that eclipses all state-of-the-art methods and shows important enhancements in efficiency and reliability. By prototyping whitelisting systems, this work opens new avenues in mobile security and lays the groundwork for future work on building real-time detection components and system components able to scale to the fast pace of evolution of mobile malware in new connected ecosystems.

How to Cite This Article

Al Ogaili, Riyadh Rahef Nuiaa; Raheem, Osamah Adil; Abdkhaleq, Mohamed H Ghaleb; Alyasseri, Zaid Abdi Alkareem; Alyasseri, Zaid Abdi Alkareem; Alsaeedi, Ali Hakem; Muhsen, Yousif Raad; and Manickam, Selvakumar (2025) "AntDroidNet Cybersecurity Model: A Hybrid Integration of Ant Colony Optimization and Deep Neural Networks for Android Malware Detection," Mesopotamian Journal of CyberSecurity: Vol. 5: Iss. 1, Article 8.
DOI: https://doi.org/10.58496/MJCS/2025/008
Available at: https://map.researchcommons.org/mjcs/vol5/iss1/8