AKANDO: A Hybrid Approach for Effective Android Botnet Detection
Abstract
The ubiquitous nature of Android devices has regrettably rendered them prime targets for cyberattacks, particularly those orchestrated by botnets. Conventional solutions for Android botnet detection often rely on static or dynamic analysis techniques individually, leading to limitations in accuracy and adaptability. Existing research on Android malware detection utilizes various approaches, each with limitations. Some researchers focus on static analysis, examining code for signs of malicious activity. Others employ dynamic analysis, monitoring app behavior during runtime to detect suspicious system calls. Additionally, signature-based approaches compare apps to known malware signatures. However, research on anomaly-based detection, which identifies unusual app behavior without relying on pre-defined patterns, remains limited, leaving room for improvement. This paper proposes AKANDO, a novel botnet detection model that leverages a hybrid feature extraction approach and a multi-layered neural network architecture to achieve superior performance. By combining static and dynamic analysis, AKANDO gains a more holistic understanding of app behavior, potentially leading to superior detection accuracy compared to methods relying solely on one approach. The neural network architecture allows AKANDO to learn complex relationships between extracted features and botnet behavior, enabling it to adapt to evolving threats through continuous training with updated data. Moreover, AKANDO prioritizes minimizing false positives through its hybrid analysis and machine learning techniques, ensuring legitimate applications aren't flagged as malicious.