An Android Malware Detection Technique Using Gaussian Mixture Model Clustering 


Vol. 14, No. 5, pp. 352-362, May 2025
https://doi.org/10.3745/TKIPS.2025.14.5.352


  Abstract

Machine learning-based techniques have been extensively explored for detecting malicious Android applications. However, traditional models often suffer from performance degradation over time due to concept drift, where the behavioral and structural features of apps evolve. To address this issue, we propose a novel detection framework that leverages Gaussian Mixture Model (GMM) clustering to mitigate the impact of concept drift. Our approach models the underlying data distribution as a mixture of Gaussian components and trains a specialized classifier for each component. This allows the system to adapt to shifting feature distributions without the need for frequent retraining. Experimental evaluations conducted on Android app datasets spanning from 2014 to 2023 demonstrate that traditional machine learning models experience significant performance decline on post-2019 data due to concept drift. In contrast, our GMM-based framework maintains robust detection performance across all years, achieving an 8.9 percentage point improvement in F1-score and a 10.1 percentage point increase in Area Under Time (AUT) compared to conventional methods.
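The per-component idea described in the abstract, as an added sketch that is not the authors' implementation: a diagonal-covariance GMM is fitted with EM, each sample is routed to its most likely component, and one classifier is trained per component, then compared with a single global classifier after the data mix shifts. The 2-D features, the two regions with opposite malware boundaries, the least-squares linear classifier and all function names are constructed assumptions.

```python
import numpy as np

def make_apps(n, frac_b, rng):
    """Constructed 2-D feature data: regions A and B have opposite malware boundaries."""
    in_b = rng.random(n) < frac_b
    X = rng.normal(size=(n, 2)) + np.where(in_b[:, None], 10.0, 0.0)
    y = np.where(in_b, X[:, 0] < 10.0, X[:, 0] > 0.0).astype(int)  # 1 = malware
    return X, y

def responsibilities(X, pi, mu, var):
    """E-step: P(component | x) under a diagonal-covariance Gaussian mixture."""
    logp = -0.5 * ((X[:, None, :] - mu) ** 2 / var + np.log(2 * np.pi * var)).sum(2) + np.log(pi)
    p = np.exp(logp - logp.max(1, keepdims=True))
    return p / p.sum(1, keepdims=True)

def fit_gmm(X, k, iters=50):
    """EM, with means initialised deterministically by farthest-point selection."""
    mu = [X[0]]
    for _ in range(k - 1):
        d = np.min([((X - m) ** 2).sum(1) for m in mu], axis=0)
        mu.append(X[d.argmax()])
    mu, var, pi = np.array(mu), np.tile(X.var(0), (k, 1)), np.full(k, 1.0 / k)
    for _ in range(iters):
        r = responsibilities(X, pi, mu, var)
        nk = r.sum(0)
        pi, mu = nk / len(X), (r.T @ X) / nk[:, None]
        var = (r.T @ X ** 2) / nk[:, None] - mu ** 2 + 1e-6
    return pi, mu, var

def fit_linear(X, y):  # least-squares linear classifier, an assumed stand-in
    return np.linalg.lstsq(np.c_[X, np.ones(len(X))], 2 * y - 1, rcond=None)[0]
def predict_linear(w, X):
    return (np.c_[X, np.ones(len(X))] @ w > 0).astype(int)

def run(seed=0):
    rng = np.random.default_rng(seed)
    Xtr, ytr = make_apps(2000, 0.15, rng)  # training period: region B is rare
    Xte, yte = make_apps(2000, 0.85, rng)  # later period: region B dominates
    global_acc = (predict_linear(fit_linear(Xtr, ytr), Xte) == yte).mean()
    gmm = fit_gmm(Xtr, k=2)
    ctr, cte = (responsibilities(Z, *gmm).argmax(1) for Z in (Xtr, Xte))
    pred = np.empty_like(yte)
    for c in range(2):  # one classifier per mixture component
        w = fit_linear(Xtr[ctr == c], ytr[ctr == c])
        pred[cte == c] = predict_linear(w, Xte[cte == c])
    return global_acc, (pred == yte).mean()

if __name__ == "__main__":
    print("single model: %.2f  per-component: %.2f" % run())
```

`run()` returns the accuracy of the single global model and of the per-component models on the later, shifted period; real feature vectors and classifiers would replace `make_apps` and `fit_linear`.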


  Cite this article

[IEEE Style]

S. M. Lee, S. H. Ahn, S. Cho, D. J. Kim, Y. S. Hwang, "An Android Malware Detection Technique Using Gaussian Mixture Model Clustering," The Transactions of the Korea Information Processing Society, vol. 14, no. 5, pp. 352-362, 2025. DOI: https://doi.org/10.3745/TKIPS.2025.14.5.352.

[ACM Style]

Seung Min Lee, Seok Hyun Ahn, Seong-Je Cho, Dong Jae Kim, and Young Sup Hwang. 2025. An Android Malware Detection Technique Using Gaussian Mixture Model Clustering. The Transactions of the Korea Information Processing Society, 14, 5, (2025), 352-362. DOI: https://doi.org/10.3745/TKIPS.2025.14.5.352.