This study presents a comparative analysis of Principal Component Analysis (PCA) and ANOVA-based feature selection methods for Android malware detection, evaluating their impact on classification accuracy and computational efficiency. Three preprocessing scenarios were examined: using the original dataset with 241 features, applying PCA for feature extraction (retaining all components due to variance thresholds), and employing ANOVA to reduce the feature set to 120. Support Vector Machines (SVM), Wide Neural Networks, and Logistic Regression classifiers were trained on these datasets, with hyperparameters optimized via 5-fold cross-validation. Results demonstrated that SVM consistently achieved the highest accuracy across all scenarios, peaking at 99.25% with PCA. However, PCA failed to reduce dimensionality of models and increased training times for SVM compared to the original dataset. In contrast, ANOVA effectively reduced the feature count, lowering SVM training time to 4.81 seconds while obtaining 98.95% accuracy. These findings highlight ANOVA as a computationally efficient method, balancing high detection performance with reduced resource demands. While PCA marginally improved accuracy, its computational cost renders it less practical for real-time applications. The study concludes that feature selection via ANOVA offers a superior trade-off for Android malware detection, prioritizing both accuracy and efficiency. Future work should explore advanced feature selection techniques and validate models on diverse datasets to enhance generalizability and address evolving malware threats.
Taha Etem (Fri,) studied this question.