LEMSOFT: Leveraging Extraction Method and Soft Voting for Android Malware Detection

The pervasive spread of Android malware poses significant threats to users and systems worldwide. In most existing studies, differences in feature importance are often overlooked, and the calculation of feature weights is conducted independently of the classification model. In this paper, we propose an Android malware detection method, Leveraging Extraction Method and Soft Voting classification (LEMSOFT). This approach includes a novel preprocessing module, lexical occurrence ratio-based filtering (LORF), and an improved Soft Voting mechanism optimized through genetic algorithms. We introduce LORF to evaluate and enhance the significance of permissions, API calls, and opcodes. Each type of feature is then independently classified using tailored machine learning models. To integrate the outputs of these classifiers, this paper proposes an innovative soft voting mechanism that improves prediction accuracy for encountered applications by assigning weights through a genetic algorithm. Our solution outperforms the baseline methods we studied, as evidenced by the evaluation of 5560 malicious and 8340 benign applications, with an average accuracy of 99.89%. The efficacy of our methodology is demonstrated through extensive experiments, showcasing significant improvements in detection rates compared to state-of-the-art (SOTA) methods.