# Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Literature Review

## 3. The Proposed Model

#### 3.1. Feature Extraction

#### 3.2. Algorithmic Procedure of RHSO-FS Technique

Algorithm 1: Proposed RHSO Algorithm |

Generate a primary population of $0$ and $1$ of $P$ agents arbitrarily. Fixed the dimensional of problems, $D=P$, whereas $P$ refers to the count of agents. Fixed Low to 1 and High to $D$, whereas High and Low signify high and low dimensional, correspondingly. Make the value of $rl$ and $r2$, in which $rl$ denotes the random number $\left(0,1\right)$ and $r2$ denotes the random radius $\left(0,360\right)$. Make testing and training data. Fixed $ma{x}_{-}$ iter $=$ maximal count of iterations. Compute all the agents’ fitness. Set Leader $=the$ optimum agents. Set $t=1.$ While $\left(t<ma{x}_{-}iter\right)$ for $(i=1$ to n$)$ do Upgrade Leader position. Upgrade the position of all the searching agents. Compute the Newfitness of all the searching agents. Choose the better member of the population $\to bestX=X\left(min\left(fitness\right)\right)$ Upgrade the angle. If $Newfitness\left(i\right)=fitness\left(i\right);$ then Upgrade the position of all the searching agents. fitness $\left(i\right)=Newfitness\left(i\right)$. end if end for $t=t+1.$ end while Return the optimum agent |

#### 3.3. Malware Detection Using ARAE Model

#### 3.4. Hyperparameter Tuning

^{th}order moment estimation $vk$ can be determined by:

## 4. Performance Validation

## 5. Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Conflicts of Interest

## References

- Liu, K.; Xu, S.; Xu, G.; Zhang, M.; Sun, D.; Liu, H. A Review of Android Malware Detection Approaches Based on Machine Learning. IEEE Access
**2020**, 8, 124579–124607. [Google Scholar] [CrossRef] - Zhao, S.; Li, S.; Qi, L.; Xu, L.D. Computational Intelligence Enabled Cybersecurity for the Internet of Things. IEEE Trans. Emerg. Top. Comput. Intell.
**2020**, 4, 666–674. [Google Scholar] [CrossRef] - Dovom, E.M.; Azmoodeh, A.; Dehghantanha, A.; Newton, D.E.; Parizi, R.M.; Karimipour, H. Fuzzy pattern tree for edge malware detection and categorization in IoT. J. Syst. Archit.
**2019**, 97, 1–7. [Google Scholar] [CrossRef] - Sicato, J.C.S.; Sharma, P.K.; Loia, V.; Park, J.H. VPNFilter Malware Analysis on Cyber Threat in Smart Home Network. Applied Sciences
**2019**, 9, 2763. [Google Scholar] [CrossRef] - Shah, Y.; Sengupta, S. A survey on Classification of Cyber-attacks on IoT and IIoT devices. In Proceedings of the 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA, 28–31 October 2020; pp. 406–413. [Google Scholar] [CrossRef]
- Ali, S.; Bhargava, A.; Saxena, A.; Kumar, P. A Hybrid Marine Predator Sine Cosine Algorithm for Parameter Selec-tion of Hybrid Active Power Filter. Mathematics
**2023**, 11, 598. [Google Scholar] [CrossRef] - Aziz, R.M.; Mahto, R.; Goel, K.; Das, A.; Kumar, P.; Saxena, A. Modified Genetic Algorithm with Deep Learning for Fraud Transactions of Ethereum Smart Contract. Appl. Sci.
**2023**, 13, 697. [Google Scholar] [CrossRef] - Inayat, U.; Zia, M.F.; Mahmood, S.; Khalid, H.M.; Benbouzid, M. Learning-Based Methods for Cyber Attacks Detection in IoT Systems: A Survey on Methods, Analysis, and Future Prospects. Electronics
**2022**, 11, 1502. [Google Scholar] [CrossRef] - Aziz, R.M.; Hussain, A.; Sharma, P.; Kumar, P. Machine learning-based soft computing regression analysis ap-proach for crime data prediction. Karbala Int. J. Mod. Sci.
**2022**, 8, 1–19. [Google Scholar] [CrossRef] - Aziz, R.M.; Baluch, M.F.; Patel, S.; Kumar, P. A machine learning based approach to detect the Ethereum fraud transactions with limited attributes. Karbala Int. J. Mod. Sci.
**2022**, 8, 139–151. [Google Scholar] [CrossRef] - Smmarwar, S.K.; Gupta, G.P.; Kumar, S.; Kumar, P. An optimized and efficient android malware detection framework for future sustainable computing. Sustain. Energy Technol. Assess.
**2022**, 54, 102852. [Google Scholar] [CrossRef] - Sharma, R.M.; Agrawal, C.P. MH-DLdroid: A Meta-Heuristic and Deep Learning-Based Hybrid Approach for Android Malware Detection. Int. J. Intell. Eng. Syst
**2022**, 15, 425–435. [Google Scholar] - Jebin Bose, S.; Kalaiselvi, R. An optimal detection of android malware using dynamic attention-based LSTM classifier. J. Intell. Fuzzy Syst.
**2018**, 34, 1277–1288. [Google Scholar] [CrossRef] - Alzubi, O.A.; Alzubi, J.A.; Al-Zoubi, A.M.; Hassonah, M.A.; Kose, U. An efficient malware detection approach with feature weighting based on Harris Hawks optimization. Clust. Comput.
**2022**, 25, 2369–2387. [Google Scholar] [CrossRef] - Bhagwat, S.; Gupta, G.P. Android Malware Detection Using Hybrid Meta-heuristic Feature Selection and Ensemble Learning Techniques. In International Conference on Advances in Computing and Data Sciences; Springer: Cham, Germany, 2022; pp. 145–156. [Google Scholar]
- Elkabbash, E.T.; Mostafa, R.R.; Barakat, S.I. Android malware classification based on random vector functional link and artificial Jellyfish Search optimizer. PLoS ONE
**2021**, 16, e0260232. [Google Scholar] [CrossRef] - Şahin, D.Ö.; Kural, O.E.; Akleylek, S.; Kılıç, E. A novel permission-based Android malware detection system using feature selection based on linear regression. Neural Comput. Appl.
**2021**, 29, 245–262. [Google Scholar] [CrossRef] - Jerbi, M.; Dagdia, Z.C.; Bechikh, S.; Said, L.B. On the use of artificial malicious patterns for android malware detection. Comput. Secur.
**2020**, 92, 101743. [Google Scholar] [CrossRef] - Bhattacharya, A.; Goswami, R.T.; Mukherjee, K. A feature selection technique based on rough set and improvised PSO algorithm (PSORS-FS) for permission based detection of Android malwares. Int. J. Mach. Learn. Cybern.
**2019**, 10, 1893–1907. [Google Scholar] [CrossRef] - Dhabal, G.; Gupta, G. Towards Design of a Novel Android Malware Detection Framework Using Hybrid Deep Learning Techniques. In Soft Computing for Security Applications; Springer: Singapore, 2023; pp. 181–193. [Google Scholar]
- Kim, J.; Ban, Y.; Ko, E.; Cho, H.; Yi, J.H. MAPAS: A practical deep learning-based android malware detection system. Int. J. Inf. Secur.
**2022**, 21, 725–738. [Google Scholar] [CrossRef] - Fallah, S.; Bidgoly, A.J. Android malware detection using network traffic based on sequential deep learning models. Softw. Pract. Exp.
**2022**, 52, 1987–2004. [Google Scholar] [CrossRef] - Rathore, H.; Sahay, S.K.; Nikam, P.; Sewak, M. Robust android malware detection system against adversarial attacks using q-learning. Inf. Syst. Front.
**2021**, 23, 867–882. [Google Scholar] [CrossRef] - Padhi, B.K.; Chakravarty, S.; Naik, B.; Pattanayak, R.M.; Das, H. RHSOFS: Feature Selection Using the Rock Hyrax Swarm Optimization Algorithm for Credit Card Fraud Detection System. Sensors
**2022**, 22, 9321. [Google Scholar] [CrossRef] [PubMed] - Ma, X.; Tao, Z.; Wang, Y.; Yu, H.; Wang, Y. Long short-term memory neural network for traffic speed prediction using remote microwave sensor data. Transp. Res. C, Emerg. Technol.
**2015**, 54, 187–197. [Google Scholar] [CrossRef] - Kong, X.; Li, X.; Zhou, Q.; Hu, Z.; Shi, C. Attention recurrent autoencoder hybrid model for early fault diagnosis of rotating machinery. IEEE Trans. Instrum. Meas.
**2021**, 70, 1–10. [Google Scholar] [CrossRef] - Xiao, B.; Liu, Y.; Xiao, B. Accurate state-of-charge estimation approach for lithium-ion batteries by gated recurrent unit with ensemble optimizer. IEEE Access
**2019**, 7, 54192–54202. [Google Scholar] [CrossRef] - Jang, J.W.; Kang, H.; Woo, J.; Mohaisen, A.; Kim, H.K. Andro-AutoPsy: Anti-malware system based on similarity matching of malware and malware creator-centric information. Digit. Investig.
**2015**, 14, 17–35. [Google Scholar] [CrossRef] - Lee, J.; Jang, H.; Ha, S.; Yoon, Y. Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm. Mathematics
**2021**, 9, 2813. [Google Scholar] [CrossRef]

**Figure 4.**Confusion matrices of the RHSODL-AMD algorithm (

**a**,

**b**) TRS/TSS of 80:20 and (

**c**,

**d**) TRS/TSS of 70:30.

**Figure 9.**(

**a**,

**b**) PR and ROC curve at 80:20 of TRS/TSS and (

**c**,

**d**) PR and ROC curve at 70:30 of TRS/TSS.

Class | No. of Samples |
---|---|

Benign | 9000 |

Malware | 13,000 |

Total Number of Samples | 22,000 |

Class | Accuracy_{bal} | Precision | Recall | F-Score | MCC |
---|---|---|---|---|---|

Training Phase (80%) | |||||

Benign | 95.79 | 96.30 | 95.79 | 96.04 | 93.32 |

Malware | 97.45 | 97.10 | 97.45 | 97.27 | 93.32 |

Average | 96.62 | 96.70 | 96.62 | 96.66 | 93.32 |

Testing Phase (20%) | |||||

Benign | 95.40 | 95.72 | 95.40 | 95.56 | 92.48 |

Malware | 97.04 | 96.81 | 97.04 | 96.92 | 92.48 |

Average | 96.22 | 96.26 | 96.22 | 96.24 | 92.48 |

Class | Accuracy_{bal} | Precision | Recall | F-Score | MCC |
---|---|---|---|---|---|

Training Phase (70%) | |||||

Benign | 98.94 | 98.78 | 98.94 | 98.86 | 98.07 |

Malware | 99.15 | 99.26 | 99.15 | 99.21 | 98.07 |

Average | 99.05 | 99.02 | 99.05 | 99.03 | 98.07 |

Testing Phase (30%) | |||||

Benign | 97.99 | 98.76 | 97.99 | 98.37 | 97.27 |

Malware | 99.16 | 98.63 | 99.16 | 98.89 | 97.27 |

Average | 98.57 | 98.69 | 98.57 | 98.63 | 97.27 |

**Table 4.**Comparative analysis of the RHSODL-AMD algorithm with other approaches [29].

Methods | $\mathit{A}\mathit{c}\mathit{c}{\mathit{u}}_{\mathit{y}}$ | $\mathit{P}\mathit{r}\mathit{e}{\mathit{c}}_{\mathit{n}}$ | $\mathit{R}\mathit{e}\mathit{c}{\mathit{a}}_{\mathit{l}}$ | ${\mathit{F}}_{\mathit{S}\mathit{c}\mathit{o}\mathit{r}\mathit{e}}$ |
---|---|---|---|---|

RHSODL-AMD | 99.05 | 99.02 | 99.05 | 99.03 |

DBN Model | 96.81 | 97.46 | 96.82 | 97.99 |

LSTM Model | 96.37 | 95.45 | 95.91 | 97.20 |

J48 Model | 94.85 | 94.26 | 94.92 | 94.09 |

RF Model | 94.93 | 94.38 | 94.92 | 94.69 |

DecisionTable Model | 96.40 | 96.17 | 95.95 | 97.45 |

NB Model | 96.64 | 97.42 | 96.74 | 97.72 |

MLP Model | 95.25 | 94.66 | 95.27 | 95.49 |

SMO Model | 97.05 | 97.48 | 96.92 | 98.26 |

Logistic Model | 98.17 | 98.27 | 97.47 | 98.46 |

AdaBoost-M1 model | 95.88 | 95.18 | 95.42 | 96.82 |

Ibk Model | 96.41 | 96.89 | 95.95 | 97.48 |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Albakri, A.; Alhayan, F.; Alturki, N.; Ahamed, S.; Shamsudheen, S.
Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification. *Appl. Sci.* **2023**, *13*, 2172.
https://doi.org/10.3390/app13042172

**AMA Style**

Albakri A, Alhayan F, Alturki N, Ahamed S, Shamsudheen S.
Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification. *Applied Sciences*. 2023; 13(4):2172.
https://doi.org/10.3390/app13042172

**Chicago/Turabian Style**

Albakri, Ashwag, Fatimah Alhayan, Nazik Alturki, Saahirabanu Ahamed, and Shermin Shamsudheen.
2023. "Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification" *Applied Sciences* 13, no. 4: 2172.
https://doi.org/10.3390/app13042172