What question did this study set out to answer?

The aim is to develop a method for detecting Trojan malware on Android devices through network traffic analysis.

June 4, 2026Open Access

A Dynamic Machine Learning Approach for Android Trojan Detection Using Network Traffic Analysis

Key Points

The aim is to develop a method for detecting Trojan malware on Android devices through network traffic analysis.
Proposed an experimental methodology for dynamic analysis of network traffic features.
Conducted feature importance and stability analysis using J48 decision tree classifier.
Assessed performance with multiple machine learning classifiers, identifying J48 as the most accurate.
The J48 decision tree classifier achieved a detection accuracy of 99.0%.
Dynamic analysis methodology effectively identifies Trojans in network traffic.
Importance analysis validated the robustness of selected features.

Abstract

Android’s wide adoption as the dominant mobile operating system has made it an attractive target for hackers, especially since users regularly keep sensitive personal data on their smartphones. This raises exposure to a wide range of security threats, emphasizing the importance of robust detection measures. This paper proposes an experimental methodology for identifying Trojan horse malware on Android devices through dynamic analysis, focusing on network traffic features extracted from a dedicated Trojan Detection dataset. In addition, a feature importance and stability analysis was performed using the J48 decision tree to enhance model interpretability and validate the robustness of the selected network traffic features. The dataset’s performance was assessed using multiple machine learning classifiers, where the J48 decision tree classifier achieved the highest detection accuracy at 99.0%.

Read Full Paperexternally

Mark Helpful

Bookmark

Relay

View Full Paper