This article has been accepted for inclusion in a future issue of this journal.
Content is final as presented, with the exception of pagination.
IEEE TRANSACTIONS ON CYBERNETICS
DroidFusion: A Novel Multilevel Classifier Fusion
Approach for Android Malware Detection
Suleiman Y. Yerima , Member, IEEE, and Sakir Sezer, Member, IEEE
Abstract—Android malware has continued to grow in volume
and complexity posing significant threats to the security of mobile
devices and the services they enable. This has prompted increas-
ing interest in employing machine learning to improve Android
malware detection. In this paper, we present a novel classi-
fier fusion approach based on a multilevel architecture that
enables effective combination of machine learning algorithms for
improved accuracy. The framework (called DroidFusion), gener-
ates a model by training base classifiers at a lower level and then
applies a set of ranking-based algorithms on their predictive accu-
racies at the higher level in order to derive a final classifier. The
induced multilevel DroidFusion model can then be utilized as an
improved accuracy predictor for Android malware detection. We
present experimental results on four separate datasets to demon-
strate the effectiveness of our proposed approach. Furthermore,
we demonstrate that the DroidFusion method can also effec-
tively enable the fusion of ensemble learning algorithms for
improved accuracy. Finally, we show that the prediction accuracy
of DroidFusion, despite only utilizing a computational approach
in the higher level, can outperform stacked generalization, a well-
known classifier fusion method that employs a meta-classifier
approach in its higher level.
Index Terms—Android malware detection, classifier fusion,
ensemble learning, machine learning, mobile security, stacked
generalization.
I. I NTRODUCTION
N RECENT years, Android has become the leading mobile
I operating system with a substantially higher percentage
of the global market share. Over 1 billion Android devices
have been sold with an estimated 65 billion app downloads
from Google Play alone [1]. The growth in the popularity
of Android and the proliferation of third party app markets
has also made it a popular target for malware. Last year,
McAfee reported that there were more than 12 million Android
Manuscript received June 3, 2017; revised September 11, 2017; accepted
November 11, 2017. This work was supported by the U.K. Engineering
and Physical Sciences Research Council through the Centre for Secure
Information Security (CSIT-2) under Grant EP/N508664/1. This paper was
recommended by Associate Editor P. P. Angelov. (Corresponding author:
Suleiman Y. Yerima.)
S. Y. Yerima was with the Centre for Secure Information Technologies,
Queen’s University Belfast, Belfast BT3 9DT, Northern Ireland. He is now
with the Faculty of Technology, De Montfort University, Leicester LE1 9BH,
U.K. (e-mail: [email protected]).
S. Sezer is with the Centre for Secure Information Technologies, Queen’s
University Belfast, Belfast, Northern Ireland (e-mail: [email protected]).
This paper has supplementary downloadable multimedia material available
at http://ieeexplore.ieee.org provided by the authors.
Color versions of one or more of the figures in this paper are available
online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TCYB.2017.2777960
2168-2267 c 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
1
malware samples with nearly 2.5 million new samples discov-
ered every year [2]. Android malware can be embedded in
a variety of applications such as banking apps, gaming apps,
lifestyle apps, educational apps, etc. These malware-infected
apps can then compromise security and privacy by allowing
unauthorized access to privacy-sensitive information, rooting
devices, turning devices into remotely controlled bots, etc.
Zero-day Android malware have the ability to evade
traditional signature-based defences. Hence, there is an
urgent need to develop more effective detection methods.
Recently, machine learning-based methods are increasingly
being applied to Android malware detection. However, clas-
sifier fusion approaches have not been extensively explored
as they have been in other domains like network intrusion
detection.
In this paper, we present and investigate a novel classi-
fier fusion approach that utilizes a multilevel architecture to
increase the predictive power of machine learning algorithms.
The framework, called DroidFusion, is designed to induce a
classification model for Android malware detection by train-
ing a number of base classifiers at the lower level. A set of
ranking-based algorithms are then utilized to derive combi-
nation schemes at the higher level, one of which is selected
to build a final model. The framework is capable of lever-
aging not only traditional singular learning algorithms like
decision trees or naive Bayes, but also ensemble learning algo-
rithms like random forest, random subspace, boosting, etc. for
improved classification accuracy.
In order to demonstrate the effectiveness of the DroidFusion
approach, we performed extensive experiments on four
datasets derived from extracting features from two publicly
available and widely used malware samples collection (i.e.,
Android Malgenome project [3] and DREBIN [4]) and a
collection of samples provided by Intel Security (formerly,
McAfee). The unique contributions of this paper can be
summarized as follows.
1) We propose a novel general-purpose classifier fusion
approach (DroidFusion) and present its evaluation on
four different datasets. DroidFusion can be applied
to not only traditional learners but also ensemble
learners.
2) We propose four ranking-based algorithms that enable
classifier fusion within the DroidFusion framework. The
algorithms are utilized in building a final improved
classification model for Android malware detection.
3) We present the results of extensive experiments to
demonstrate the effectiveness of our proposed approach.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
2 IEEE TRANSACTIONS ON CYBERNETICS
The results of experiments with singular classifiers and
ensemble classifiers are presented.
4) Furthermore, we present results of a performance com-
parison of DroidFusion with stacked generalization (or
stacking), a well-known classifier fusion method that is
also based on a multilevel architecture.
5) Datasets that we created from the feature extraction pro-
cess with DREBIN and Malgenome project malware
samples are released in the supplementary material.
The rest of this paper is structured as follows. Section II dis-
cusses related work while Section III presents the DroidFusion
framework. The investigation methodology is presented in
Section IV, while Section V presents results with analyses
and discussion. Finally, the conclusion is given in Section VI.
II. R ELATED W ORK
In this section, we review related work on machine learning-
based Android malware detection. Static and/or dynamic
analysis is used to extract model training features, and both
methods have pros and cons. Static analysis is prone to obfus-
cation [5], but is generally faster and less resource intensive
than dynamic analysis. Dynamic analysis is resistant to obfus-
cation but can be hampered by anti-virtualization [6]–[9] and
code coverage limitations [10], [34].
A. Static Analysis With Traditional Classifiers
Recent Android malware detection work that employ
machine learning with static features include the fol-
lowing. DroidMat [11] proposed applying k-means and
k-nearest neighbor (k-NN) algorithms based on static fea-
tures from permissions, intents, and application program
interface (API) calls, to classify apps as benign or malware.
Arp et al. [4] proposed SVM based on permissions, API
calls, network access, etc. for lightweight on-device detec-
tion. Yerima et al. [12], [14] proposed an eigenpsace analysis
approach, as well as random forest ensemble learning models.
The machine learning-based detection proposed in the papers
were based on API calls, intents, permissions, and embed-
ded commands. Varsha et al. [15] investigated SVM, random
forest, and rotation forests on three datasets; their detection
method employed static features extracted from the manifest
and application executable files.
Sharma and Dash [16] utilized API calls and permis-
sions to build naive Bayes and k-NN-based detection systems.
In [17], API classes were used with random forest, J48, and
SVM classifiers. Wang et al. [18] evaluated the usefulness of
risky permissions for malware detection using SVM, decision
trees, and random forest. DAPASA [19] focused on detecting
malware piggybacked onto benign apps by utilizing sensi-
tive subgraphs to construct five features depicting invocation
patterns. The features are fed into machine learning algo-
rithms, i.e., random forest, decision tree, k-NN, and PART,
with random forest yielding the best detection performance.
Cen et al. [20] proposed a detection method based on API
calls from decompiled code and permissions. Their proposed
method applies a probabilistic discriminative model based on
regularized logistic regression (RLR). RLR is compared to
SVM, decision tree, k-NN, and naive Bayes with information
priors and hierarchical mixture of naive Bayes.
Wang et al. [52] applied logistic regression, linear SVM,
decision tree, and random forest with static analysis for the
detection of malicious apps. They utilized app-specific static
features and platform-specific static features for training the
machine learning algorithms. The authors reported a maximum
true positive rate (TPR) of 96% and false positive rate (FPR)
of 0.06% with the logistic regression classifier based on
experiments conducted on 18 363 malware apps and 217 619
benign apps.
Other research papers that have investigated static fea-
tures with machine learning for Android malware detection
include [21]–[23], [45], [47], [48], and [54].
B. Dynamic and Hybrid Analysis With Traditional Classifiers
Some of the detection methods utilized dynamic fea-
tures with machine learning, for example AntiMalDroid [24].
AntiMalDroid is a dynamic analysis behavior-based mal-
ware detection framework that uses logged behavior sequence
as features with SVM. DroidDolphin [25] also employed
SVM with dynamically obtained features. Afonso et al. [26]
utilized dynamic API calls and system call traces and
investigated SVM, J48, IBk (an instance-based classifier),
BayesNet K2, BayesNet TAN, random forest, and naive
Bayes. Alzaylaee et al. [27] investigated SVM, naive Bayes,
PART, random forest, J48, multilayer perceptron (MLP), and
simple logistic by comparing their performances on real
phones versus emulators using dynamically obtained features.
Ni et al. [46] proposed a real-time malicious behavior detec-
tion system that records API calls, permission uses, and other
real-time features such as user operations. In their paper, they
used SVM and naive Bayes algorithms for detection with these
run-time features.
Mahindru and Singh [53] extracted 123 dynamic per-
missions from 11 000 Android applications which were
subsequently applied to several individual machine learning
classifiers including naive Bayes, decision tree, random for-
est, simple logistic, and k-star. In their experiments, simple
logistic was found to perform marginally better than the oth-
ers but the malware classification accuracy of random forest,
decision tree (J48), and simple logistic were comparable.
Other works such as MARVIN [28], adopt a hybrid static
and dynamic feature-based approach with machine learning
(SVM and L2 regularized linear classifier). MARVIN assesses
the risk associated with unknown Android apps in the form of
a malice score ranging from 0 to 10. Similarly, Su et al. [49]
adopted a hybrid static and dynamic feature approach by per-
forming experiments on 1200 (900 clean and 300 malware)
samples. Several machine learning algorithms were investi-
gated including Bayes net, naive Bayes, k-NN, J48, and SVM.
The best overall accuracy of 91.1% was attained with SVM.
C. Android Malware Detection With Classifier Fusion
Previous works in intrusion detection systems such
as [29]–[32] investigated classifier fusion for improving
detection accuracy. This method is also being applied
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION
to the detection of Android malware. For example,
Milosevic et al. [50] investigated classifier fusion approach
with static analysis based on Android permissions and source
code-based analysis. They used SVM, C.45, decision trees,
random tree, random forests, JRip, and linear regression classi-
fiers. The authors experimented with ensembles that contained
odd combinations of three and five classifiers using the major-
ity voting fusion method. The best fusion model achieved an
accuracy rate of 95.6% using the source-code-based features.
However, the number of samples used in the experiments were
limited (387 samples for the permissions-based experiments
and 368 for source code-based analysis).
Yerima et al. [13] compared several classifier fusion meth-
ods, i.e., majority vote, product of probabilities, maximum
probability, and average of probabilities using J48, naive
Bayes, PART, RIDOR, and simple logistic classifiers. The
classifiers were trained with static features extracted from
6863 app samples, and in the experiments presented, the fused
models performed better than the single classifiers.
Wang et al. [51] extracted 11 types of static features
and employed multiple classifiers in a majority vote fusion
approach. The classifiers include SVM, k-NN, naive Bayes,
classification and regression tree (CART), and random for-
est. Their experiments on 116 028 app samples showed more
robustness with the majority voting ensemble than with the
individual base classifiers.
Idrees et al. [55] utilized permissions and intents as fea-
tures to train machine learning models and applied classifier
fusion for improved performance. Their experiments were per-
formed on 1745 app samples starting with a performance
comparison between MLP, decision table, decision tree, ran-
dom forest, naive Bayes, and sequential minimal optimization
classifiers. The decision table, MLP, and decision tree classi-
fiers were then combined using three schemes: 1) average of
probabilities; 2) product of probabilities; and 3) majority vot-
ing. Coronado-De-Alba et al. [33] proposed and investigated
a classifier fusion method based on random forest and ran-
dom committee ensemble classifiers. Their approach embeds
random forest within random committee to produce a meta-
ensemble model. The meta-model outperformed the individual
classifiers in experiments performed with 1531 malware and
1531 benign samples. Table I summarizes papers that have
investigated classifier fusion for Android malware detection.
In contrast to all of the existing Android malware detection
works, this paper proposes a novel classifier fusion approach
that utilizes four ranking-based algorithms within a multilevel
framework (DroidFusion). We evaluated DroidFusion exten-
sively and compared its performance to stacking and other
classifier fusion methods. Next, we present DroidFusion.
III. D ROID F USION : G ENERAL P URPOSE F RAMEWORK
FOR C LASSIFIER F USION
The DroidFusion framework consists of a multilevel archi-
tecture for classifier fusion. It is designed as a general
purpose classifier fusion system, so that it can be applied
to both traditional singular classifiers and ensemble classi-
fiers (which themselves employ a base classifier usually to
3
TABLE I
OVERVIEW OF S OME OF THE PAPERS T HAT A PPLY C LASSIFIER F USION
FOR A NDROID M ALWARE D ETECTION . NB = NAIVE BAYES ; SL =
S IMPLE L OGISTIC ; LR = L INEAR R EGRESSION ; DT = D ECISION T REE ;
VP = VOTED P ERCEPTRON ; AVE P = AVERAGE OF P ROBABILITIES ;
P ROD P = P RODUCT OF P ROBABILITIES ; AND M AX P =
M AXIMUM P ROBABILITY
produce different randomly induced models that are subse-
quently combined). At the lower level, the (DroidFusion)
base classifiers are trained on a training set using a strati-
fied N-fold cross-validation technique to estimate their relative
predictive accuracies. The outcomes are utilized by four differ-
ent ranking-based algorithms (in the higher layer) that define
certain criteria for the selection and subsequent combination
of a subset (or all) of the applicable base classifiers. The out-
comes of the ranking algorithms are combined in pairs in
order to find the strongest pair, which is subsequently used
to build the final DroidFusion model (after testing against an
unweighted parallel combination of the base classifiers).
A. DroidFusion Model Construction
The model building, i.e., training process is distinct from the
prediction or testing phase, as the former utilizes a training-
validation set to build a multilevel ensemble classifier which is
then evaluated on a separate test set in the latter phase. Fig. 1
illustrates the two-level architecture of DroidFusion. It shows
the training paths (solid arrows) and the testing/prediction path
(dashed arrows). First, at the lower level each base classi-
fier undergoes an N-fold cross-validation-based estimate of
class performance accuracies. Let the N-fold cross validated
predictive accuracies for K base classifiers be expressed by
Pbase , a K-tuple of the class accuracies of the K base classifiers
Pbase = {[P1m , P1b ], [P2m , P2b ], . . . , [PKm , PKb ]}. (1)
The elements of Pbase are applied to the ranking-based algo-
rithms average accuracy-based (AAB) ranking scheme, class
differential-based (CDB) ranking scheme, ranked aggregate
of per class performance-based (RAPC) scheme, and ranked
aggregate of average accuracy and class differential-based
(RACD) scheme described later in Section III-B. Let X be
the total number of instances with M malware and B benign
instances, where the M instances possess a label L = 1 denot-
ing malware and the B instances from X possess a label L = 0
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

4 IEEE TRANSACTIONS ON CYBERNETICS

Fig. 1. DroidFusion 2-layer model architecture.

denoting benign. All X instances are also represented by fea- reclassification is accomplished using V̇(x), x ∈ X based on
ture vectors with f binary representations, where f is the the criteria defined by the schemes in S using Pbase . Each
number of features extracted from the given app. The fea- scheme in S derives a set of Z weights that will be applied
tures in the vectors take on 0 or 1 representing the absence with V̇(x), x ∈ X for every instance during the reclassification
or presence the given feature. Additionally, after the N-fold process.
cross-validation process (as shown in Fig. 1), a set of K-tuple Let ωi , i ∈ {1, . . . , Z}, Z ≤ K be the set of weights derived
class predictions are derived for every instance x, given by for a particular scheme in S. Then, to reclassify an instance
x according to the scheme’s criterion, its class prediction will
V(x) = {v1 , v2 , . . . , vk }, ∀k ∈ {1, . . . , K}. (2)
be given by
Note that v1 , v2 , . . . , vk could be crisp predictions or prob-  Z
ωi vi
ability estimates from the base classifiers. Adding the original 1 : if i=1 ≥ 0.5
CSj (x) = Z
i=1 ωi (5)
(known) class label, l, we obtain 0 : otherwise ∀j ∈ {1, 2, 3, 4}.
V̇(x) = {v1 , v2 , . . . , vk , l}, ∀k ∈ {1, . . . , K}, l ∈ {0, 1}. (3) Hence, the benign class accuracy performance for the given
Pbase and V̇(x), ∀x ∈ X will be utilized in the level-2 scheme is calculated from
computation during the DroidFusion model construction. Let X
(CSj (x) + 1)|CSj (x) = 0, l(x) = 0
us denote the set of four ranking-based schemes by S = PSj = x=1
ben
(6)
B
{S1, S2, S3, S4}. The pairwise combinations of the elements
of S will result in six possibilities where B is the number of benign instances, while the malware
accuracy performance is calculated from
φ = {S1S2, S1S3, S1S4, S2S3, S2S4, S3S4}. (4) X
CSj (x)|CSj (x) = 1, l(x) = 1
Our goal is to select the best pair of ranking-based schemes PSj = x=1
mal
. (7)
X−B
from S, and if its performance exceeds that of an unweighted
combination of the original base classifiers, it would be Thus the average performance accuracy is simply
selected to construct the final DroidFusion model. In the B · Pben
Sj + (X − B) · PSj
mal
event that the unweighted combination performance is greater, ṖSj = . (8)
DroidFusion will be configured to apply a majority vote (or X
average of probabilities) of the base classifiers in the final con- Likewise, to determine the performance of each pairwise com-
structed model. In order to estimate the accuracy performance bination in φ: let ωi , i ∈ {1, . . . , Z}, Z ≤ K be the first set
of each scheme in S or each pairwise combination in set φ, of weights derived for the first scheme in the pair, and let
a reclassification of the X instances (in the training-validation μi , i ∈ {1, . . . , Z}, Z ≤ K be those derived for the second
set) is performed for each scheme or pair of schemes. The scheme in the pair. Then, to reclassify the X instances in the
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION 5

training-validation set according to the combination pair, the B. Proposed Ranking-Based Algorithms
class prediction of each instance x will be given by The design of our proposed algorithms is influenced by the
⎧ Z Z observation that most typical classifiers perform differently for
⎪ i=1 ωi vi +i=1 μi vi
⎪
⎪ 1 : if  ≥ 0.5 both classes. That is, class accuracy performance for benign
⎨ Z Z
i=1 ωi + i=1 μi
CSjSn (x) = 0 : otherwise (9) and malware are very rarely equal in magnitude. The proposed
⎪
⎪ ∀j ∈ {1, 2, 3, 4}, ∀n ∈ {1, 2, 3, 4} ranking-based algorithms include the following.
⎪
⎩
j = n, SjSn ≡ SnSj. 1) An AAB ranking scheme.
2) A CDB ranking scheme.
Therefore, computing benign class accuracy and malware class 3) An RAPC-based scheme.
accuracy will utilize 4) An RACD-based scheme.
X  1) Average Accuracy-Based Ranking Scheme: With the
x=1 CSjSn (x) + 1 |CSjSn (x) = 0, l(x) = 0
Pben
SjSn = (10) AAB method, the ranking is designed to be directly propor-
B tional to the average prediction accuracies across the classes.
and In this case, base classifiers with larger overall accuracy
X performance will rank higher. AAB does not take into account
x=1 CSjSn (x)|CSjSn (x) = 1, l(x) = 1
Pmal = (11) how well a base classifier performs for a particular class. Let
SjSn
X−B AAB be the first scheme S1, from set S. The algorithm is
respectively. The average performance accuracy for the pair- summarized as follows.
wise schemes will then be given by Let Pbase be the set of performance accuracies Pk,c ∈ Pbase
of K base classifiers. If m denotes malware and b, benign then
B · Pben
SjSn + (X − B) · PSjSn
mal
the average accuracy of the kth base classifier is given by
ṖSjSn = . (12) 
X
ak = 0.5 × Pk,c |k ∈ {1, . . . , K}, 0 < Pk,c ≤ 1. (18)
∀j ∈ {1, 2, 3, 4}, ∀n ∈ {1, 2, 3, 4}, j = n, SjSn ≡ SnSj. c=m,b

Equivalently, the unweighted majority vote class predictions Let A ← ak , ∀k ∈ {1, . . . , K} be a set of the average predictive
for instance x is given by accuracies, to which a ranking function Rankdesc (.) is applied
 K Ā ← Rankdesc (A). (19)
k=1 vi
Cmv (x) = 1 : if K ≥ 0.5 (13) Thus, Ā contains an ordered ranking of the level-1 base classi-
0 : otherwise ∀k ∈ {1, . . . , K}.
fiers average predictive accuracies in descending order. Next,
Hence, the benign class accuracy performance for the the top Z rankings are utilized in weight assignments as
unweighted scheme will be given by follows:
X ω1 = Z, ω2 = Z − 1, . . . , ωZ = 1, Z ≤ K. (20)
x=1 (Cmv (x) + 1)|Cmv (x) = 0, l(x) = 0
Pben
mv = . (14)
B Thus, the AAB class prediction C(x) for instance x in the
Likewise, the malware class accuracy performance for the training-validation set is given by (5) or given by (9) when
unweighted scheme is given by used in the pairwise combination with another scheme.
2) Class Differential-Based Ranking Scheme: With the
X
Cmv (x)|Cmv (x) = 1, l(x) = 1 CDB method, the ranking is directly proportional to the aver-
Pmv = x=1
mal
. (15) age predictive accuracy and inversely proportional to the abso-
X−B
lute value of the performance difference between the classes.
Finally, the average accuracy performance for the unweighted Assuming a binary classification problem, this approach will
scheme is given by be less likely to favor the decision from a base classifier that
B · Pben exhibits much higher accuracy in one class over the other but
mv + (X − B) · Pmv
mal
Ṗmv = . (16) will assign larger weights to good classifiers that perform rel-
X
atively well in both classes. The CDB procedure is described
After all the reclassifications are completed, and the aver- as follows.
age accuracies computed, the applicable scheme that will be Suppose the CDB method is taken as scheme S2, let the
utilized to construct the DroidFusion model is selected thus average accuracy of each base classifier be given by ak in (18)

argφ max(Ṗφ ), and define D̄ with cardinality K as a set of ordered rankings

(17) in descending order of magnitude. Calculate dk proportional
φ = {S1S2, S1S3, S1S4, S2S3, S2S4, S3S4, mv}.
to average accuracies and inversely proportional to absolute
Suppose that S1 and S3 pair are selected by the operation in difference of interclass accuracies
(17), then the class of a given unlabeled instance during the ak
dk =   , k ∈ {1, . . . , K}. (21)
testing or unknown instances prediction (during model deploy- Pk,m − Pk,b 
ment) will be computed by (9) with j = 1 and n = 3. Next,
Let D ← dk , ∀k ∈ {1, . . . , K} be a set of the dk values, to
we describe the four ranking-based algorithms underpinning
which the ranking function Rankdesc (.) is applied
the schemes in set S that utilize Pbase to accomplish all of the
above described DroidFusion level-2 steps. D̄ ← Rankdesc (D). (22)
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
6 IEEE TRANSACTIONS ON CYBERNETICS
With D̄ containing the ordered rankings of dk values, the top
Z rankings are also utilized to assigned weights according
to (20). Thus, the S2 = CDB class prediction for an instance
x is determined from (5). Whenever S2 = CDB is used (in
conjunction with another scheme) within a pair in the set
expressed by (4), then (9) will be used for the class prediction
of the instance.
3) Ranked Aggregate of Per Class Accuracies-Based
Scheme: In the RAPC method, the ranking is directly pro-
portional to the sum of the initial per class rankings of the
accuracies of the base classifiers. This method is more likely
to assign a larger weight to a base classifier that performs very
well in both classes. RAPC is summarized as follows.
With F̄ defined as the set of ordered rankings with cardi-
nality K, given the initial performance accuracies of Pk,c of
the K base classifiers
Pm ← Pk,c where c = b
, k ∈ {1, . . . , K}, c ∈ {m, b}. (23)
Pb ← Pk,c where c = m
We then apply the ranking function Rankdesc (.) to both
with these initial (base classifier) predictions to reclassify
P̄m ← Rankdesc (Pm )
(24)
P̄b ← Rankdesc (Pb ).
The per-class rankings for each base classifier are aggregated
and then ranked again
fk ← P̄k,m + P̄k,b
, ∀k ∈ {1, . . . , K} (25)
F ← fk
F̄ ← Rankdesc (F).
Finally, from the set F̄ comprising k ordered values of F,
we select the top Z rankings and use them to assign weights
according to (20). Suppose the RAPC scheme is taken as
S3, we can determine the class prediction for an instance x
from (5). If S3 = RAPC is used (in conjunction with another
scheme) within a pair in the set expressed by (4), then (9) will
be employed for the class prediction of the instance.
4) Ranked Aggregate of Average Accuracy and Class
Differential Scheme: With RACD, the ranking is directly pro-
portional to the sum of the initial rankings of the average
performance accuracies and the initial rankings of the dif-
ference in performance between the classes. This method is
designed to assign a larger weight to the base classifiers with
good initial overall accuracy that also have a relatively smaller
difference in performance between the classes. The algorithm
is described as follows.
Suppose, we take the RACD method as scheme S4, define
a set H̄ for ordered values with cardinality K. Given A, the
set of computed average accuracies for each base classifier
(determined in the AAB scheme) compute the class differential
for each corresponding classifier as follows:
gk ← |Pk,m − Pk,b |, k ∈ {1, . . . , K}.
Define G ← gk , ∀k ∈ {1, . . . , K} as the ordered set of gk
values to which a ranking function Rankascen (.) is applied to
rank gk in ascending order of magnitude
Ḡ ← Rankascen (G).
Then, for each base classifier, aggregate the values and apply
the ranking function Rankdesc (.)
hk ← Ak + Gk
, Ak ∈ Ā, Gk ∈ Ḡ, ∀k ∈ {1, . . . , K} (29)
H ← hk
H̄ ← Rankdesc (H). (30)
Thus, H̄ is the set containing the ranked values of H in
descending order of magnitude. The top Z rankings are then
used according to (20) to assign the weights.
C. Model Complexity
As mentioned earlier, the base classifiers initial accuracies
are estimated using a stratified N-fold cross-validation tech-
nique. This procedure will be performed only once during
training (on the training-validation set) and the preliminary
predictions for all x instances in X for every base classifier
will be determined from the procedure. The configurations
(weights) computed from each algorithm is applied together
each instance accordingly. Since level-2 training of instances
requires only reclassification using V̇(x), ∀x ∈ X, the time
complexity for utilizing R level-2 algorithms to predict the
classes of X instances using (5) will be given by O(RX). The
pairwise class predictions also involve reclassification, thus
the complexity involved for predicting the class
 of X instances
using (9) will be given by O(JX), where J = R2 . Likewise, for
(26) the unweighted majority vote the complexity will be O(X) as
reclassification is involved also. Since we utilize unweighted
majority vote and pairwise combinations for final model build-
ing using (17) the total training time complexity in level-2 is
therefore given by O(X)+O(JX) = O((J+1)X) where J = R2
for the R level-2 ranking-based algorithms.
IV. I NVESTIGATION M ETHODOLOGY
A. Automated Static Analyzer for Feature Extraction
The features used in the experimental evaluation of the
DroidFusion system are obtained using an automated static
analysis tool developed with Python. The tool enables us to
extract permissions and intents from the application mani-
fest file after decompiling with AXMLprinter2 (a library for
decompiling Android manifest files). In addition, API calls are
extracted through reverse engineering the .dex files by means
of Baksmali disassembler. The static analyzer also searches
for dangerous Linux commands from the application files and
checks for the presence of embedded .dex, .jar, .so, and .exe
files within the application. Previous works [35] have shown
that these set of static application attributes provide discrim-
inative features for machine learning-based Android malware
detection, hence, we utilized them for DroidFusion experi-
(27)
ments. Furthermore, while extracting API calls, third party
libraries are excluded using the list of popular ad libraries
obtained from [36]. Fig. 2 shows an overview of the feature
extraction process using our the static app analyzer. The fea-
tures are represented in binary form and labeled with class
(28) values in all the datasets.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION
Fig. 2. Overview of the python-based static analyzer for automated feature
extraction.
B. Feature Selection
Feature ranking and selection is usually applied for dimen-
sionality reduction which in turn lowers model computational
cost. The study in this paper utilized four datasets for evaluat-
ing DroidFusion. One of the datasets is derived from feature
reduction of an initial set of 350 features down to 100 by
applying the information gain (IG) feature ranking approach
to rank the features and then selecting the top n features. IG
evaluates the features by calculating the IG achieved by each
feature. Specifically, given a feature X, IG is expressed as
IG = E(X) − E(X/Y)
where E(X) and E(X/Y) represent the entropy of the feature
X before and after observing the feature Y, respectively. The
entropy of feature X is given by

E(X) = − p(x) log2 (p(x)) (32)
x∈X
where p(x) is the marginal probability density function for the
random variable X. Similarly, the entropy of X relative to Y
is given by [38]
 
E(X/Y) = − p(x) p(x|y) log2 (p(x|y)) (33)
x∈X x∈X
where p(x|y) is the conditional probability of x given y. The
higher the reduction of the entropy of feature X, the greater
the significance of the feature.
C. Model Evaluation Metrics
The following performance metrics are considered in the
evaluation of the models.
1) TPR: The ratio of correctly classified malicious apps to
the total number of malicious apps. This is given by
TP
TPR =
TP + FN
where true positives (TP) is the number of correct
predictions of malware classification and FN (False neg-
atives) is the number of misclassified malware instances
in the set. TPR is also synonymous with recall and
sensitivity.
7
2) FPR: The ratio of incorrectly classified benign instances
to the total number of benign instances, given by
FP
FPR = (35)
TN + FP
where false positives (FP) is the number of incorrect
predictions of benign classifications while TN (true neg-
atives) is the number of correct predictions of benign
instances.
3) Precision: It is also known as positive predictive rate is
calculated as follows:
TP
Precision = . (36)
TP + FP
4) F-Measure: This metric combines precision and recall
as follows:
2 · precision · recall
FM = . (37)
precision + recall
In [20], is has been shown that (especially for unbal-
anced datasets) F-measure is a better metric than the
area under curve for the receiver operating cost which
uses values of TPR and FPR to plot a graph for dif-
ferent thresholds. Thus, in our experiments we utilize
F-measure as the main indicator of predictive power.
Note that precision and recall can be calculated for both
malware and benign classes. Hence, if Fm and Fb are
(31) the F-measures for malware and benign classes, respec-
tively, while Nm and Nb are the number of instances
in each class, the combined metric known as weighted
F-measure is the sum of F-measures weighted by the
number of instances in each class, given by
Fm · Nm + Fb · Nb
WFM = . (38)
Nm + Nb
5) Time taken to test the model. This is the time in sec-
onds to test a constructed model from the testing set.
All models were evaluated on a Windows 7 Enterprise
64-bit PC with 32 GB of RAM and Intel Xeon CPU
3.10-GHz speed.
D. Datasets Description
The experiments performed to evaluate DroidFusion was
done using four datasets from three collections of Android app
samples. Table II shows the details of each of the datasets.
The first one (Malgenome-215) consists of feature vectors
from 3799 app samples, where 2539 were benign and 1260
were malware samples from the Android malware genome
project [3], a reference malware samples collection widely
used by the malware research community. This dataset con-
tains 215 features. The second dataset (Drebin-215) also
consists of vectors of 215 features from 15 036 app samples;
(34) of these, 9476 were benign samples while the remaining 5560
were malware samples from the Drebin project [4]. The Drebin
samples are also publicly available and widely used in the
research community. Both Drebin-215 and Malgenome-215
datasets are made available in the supplementary material.
The final two datasets come from the same source of sam-
ples. These are McAfee-350 and McAfee-100 in the table.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
8 IEEE TRANSACTIONS ON CYBERNETICS
TABLE II
DATASETS U SED FOR THE D ROID F USION E VALUATION E XPERIMENTS
They both have 36 183 instances of feature vectors derived
from 13 805 malware samples and 22 378 benign samples
made available to us by Intel Security. Dataset #3 has 350
features, while dataset #4 has the top 100 features with the
largest IG from the original 350 features in dataset #3. In the
experiments presented, datasets #1–#3 are used to investigate
DroidFusion with singular base classifiers, while dataset #4
is used to study the fusion of ensemble base classifiers with
DroidFusion. Note that all of the features were extracted using
our static app analysis tool described in Section IV-A.
V. R ESULTS AND D ISCUSSION
In this section, we present and discuss the results of four
sets of experiments performed to evaluate DroidFusion
performance. We utilized the open source Waikato
Environment for Knowledge Analysis (WEKA) toolkit [37]
to implement and evaluate DroidFusion. Feature ranking and
reduction of dataset #3 into dataset #4 was also done with
WEKA. In all the experiments we set K = 5, i.e., five base
classifiers are utilized. Also, we take N = 10 and Z = 3 for
the cross-validation and weight assignments, respectively. In
the first three sets of experiments, nonensemble base classi-
fiers were used, which were: J48, REPTree, voted perceptron,
and random tree. The random tree learner was used to build
two separate classifier models using different configurations,
i.e., random tree-100 and random tree-9. With random trees,
the number of variables selected at each split during tree
construction is a configuration parameter which by default
(in WEKA) is given by: log2 f + 1, where f is the number of
features (# variables = 9 for f = 350 with the McAfee-350
dataset). The same configuration is used in the Drebin-215
and Malgenome-215 experiments for consistency. Thus,
selecting 100 and 9 for random tree-100 and random tree-9,
respectively, results in two different base classifier models.
Random tree, REPTree, J48, and voted perceptron were
selected as example base classifiers (out of 12 base classi-
fiers) because of their combined accuracy and training time
performance as determined from preliminary investigation;
a different set of learning algorithms can be used with
DroidFusion since it designed to be general-purpose, and not
specific to a particular type of machine learning algorithm.
A. Performance of DroidFusion With the
Malgenome-215 Dataset
In order to evaluate DroidFusion on the Malgenome-215
dataset, we split the dataset into two parts, one for testing
and another for training-validation. The ratio was training-
validation: 80% and testing: 20%. The stratified tenfold cross-
validation approach was used to construct the DroidFusion
TABLE III
M ALGENOME 215 T RAIN -VALIDATION S ET R ESULTS AND L EVEL -2
A LGORITHM -BASED R ANKINGS FOR THE BASE C LASSIFIERS
(5 = H IGHEST R ANK AND 1 = L OWEST )
TABLE IV
M ALGENOME 215 T RAIN -VALIDATION S ET L EVEL -2
C OMBINATION S CHEMES I NTERMEDIATE R ESULTS
model using the training-validation set. Table III shows the
per-class accuracies of each of the five base classifiers result-
ing from tenfold cross-validation on the training-validation set.
The subsequent rankings determined from AAB, CDB, RAPC,
and RACD are also presented. Each of the algorithms induced
a different set of rankings from the base classifiers accuracies.
After applying (9) to the instances in the training-validation
set and computing the accuracies with (10)–(12), we obtained
the performances of the pairwise combinations of the level-2
algorithms as shown in Table IV.
The results in Table IV clearly depict the overall
performance improvement achieved by the level-2 combi-
nation schemes over the individual base classifiers. From
Table III, J48 has the best malware recall of 0.975 but its
recall for benign class is 0.983. On the other hand, voted per-
ceptron had the best recall of 0.991 for the benign class, but its
recall for the malware class is 0.971 (on the training-validation
set). On the training-validation set, the best combination is
AAB+RAPC (i.e., S1S3 pair) having 0.984 recall for mal-
ware and 0.992 recall for benign class, and a weighted
F-measure of 0.9893. J48 and voted perceptron had weighted
F-measures of 0.9804 and 0.9843, respectively. These were
below all of the weighted F-measures achieved by the combi-
nation schemes shown in Table IV. Hence, these intermediate
training-validation set results already show the capability of
the DroidFusion approach to produce stronger models from
the weaker base classifiers.
After the model has been built with the help of the
training-validation set, the full DroidFusion model (featur-
ing AAB+RAPC in level-2) was evaluated on the test set.
For comparison, the base classifier models were retrained on
the complete training-validation set and then tested on the
same test set. The results are shown in Table V. Fig. 3, is
a graph of the respective weighted F-measures. The results
of DroidFusion are also compared to those of three classifier
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION
TABLE V
M ALGENOME 215 C OMPARISON OF D ROID F USION W ITH BASE
C LASSIFIERS AND T RADITIONAL C OMBINATION
S CHEMES ON T EST S ET
Fig. 3. Weighted F-measure results from the Malgenome-215 dataset
experiments.
combination methods: 1) majority vote; 2) maximum probabil-
ity; and 3) average of probabilities [13], and a meta learning
method known as multischeme. The multischeme approach
evaluates a given number of base classifiers in order to select
the best model. In WEKA, it can be configured to use cross-
validation or to build its model on the entire training set. In
our experiments we selected tenfold cross-validation config-
uration for the multischeme learner to enable a comparative
equivalent to DroidFusion. Time T(s) depicts the testing time
on the entire instances in the test set for each of the methods
in Table V.
On the test set, random tree-100 recorded the best weighted
F-measure out of the five base classifiers. Table V shows
that higher precision, recall (for both classes), and a larger
weighted F-measure was obtained with DroidFusion compared
to all of the base classifiers. DroidFusion also performed bet-
ter than MultiScheme and all the three combination schemes.
These results with Malgenome-215 dataset demonstrate the
effectiveness of the DroidFusion approach.
B. Performance of DroidFusion With the Drebin-215 Dataset
In this section, we present the evaluation of DroidFusion
on the Drebin-215 dataset. Table VI shows the predictive
9
TABLE VI
DREBIN 215 T RAIN -VALIDATION S ET R ESULTS AND L EVEL -2
A LGORITHM -BASED R ANKINGS FOR THE BASE C LASSIFIERS
(5 = H IGHEST R ANK AND 1 = L OWEST )
TABLE VII
DREBIN 215 T RAIN -VALIDATION S ET L EVEL -2 C OMBINATION
S CHEMES I NTERMEDIATE R ESULTS
accuracies on the five nonensemble base classifiers on the
training-validation set during DroidFusion model training. The
split ratios for the training-validation and testing sets was
90%:10% and the tenfold cross-validation procedure was uti-
lized during training. The rankings induced by AAB, CDB,
RAPC, and RACD algorithms are also shown. Again, applying
(9) to the instances in the training-validation set and comput-
ing accuracies with (10)–(12) the performances of the pairwise
combinations of the level-2 algorithms are shown in Table VII.
From Table VI, random tree-100 had the best recall rate for
the malware class (i.e., 0.968) while J48 had the best recall
rate for the benign class (0.983). On the training-validation
set, the weighted F-measure for random tree-100 was 0.9762,
while that of J48 was 0.9741. Looking at Table VII, all of the
combination schemes had better weighted F-measures (than
the base classifiers) indicating accuracy performance enhance-
ment potential at this stage. The best combination is the
RAPC+RACD (S3S4 pair) scheme, whose configuration is
selected to build the final DroidFusion model.
After the full DroidFusion model was built, it was then
evaluated on the test set. The base classifiers were retrained
on the entire training-validation set and tested on the test
set for comparison. The results are presented in Table VIII,
where random tree-100 can be seen to have the best weighted
F-measure (0.9824) out of the five base classifiers. The
DroidFusion model recorded the best precision and recall
(for both classes) compared to the base classifiers result-
ing in a weighted F-measure of 0.9872. Fig. 4 illustrates
the graph of F-measures for the test set results. DroidFusion
can be seen to also perform better than majority vote, maxi-
mum probability, average of probabilities, and multischeme.
These results clearly demonstrate the effectiveness of the
DroidFusion approach.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
10
TABLE VIII
DREBIN 215 C OMPARISON OF D ROID F USION W ITH BASE C LASSIFIERS
AND T RADITIONAL C OMBINATION S CHEMES ON T EST S ET
Fig. 4. Weighted F-measure results from the Drebin-215 dataset experiments.
C. Performance of DroidFusion With the
McAfee-350 Dataset
In this section, the results of experiments on the McAfee-
350 dataset are presented. The same split ratios for training-
validation/testing and the procedures applied in the previous
experiment was adopted. The rankings from AAB, CDB,
RAPC, and RACD are shown in Table IX alongside the per-
class accuracy performances on the validation set that induced
the rankings. Just like in the previous experiments, we apply
(9) to the instances in the training-validation set and compute
the accuracies with (10)–(12). The resulting performances of
the pairwise combinations of the level-2 algorithms are shown
in Table X.
From Table IX (training-validation set results for the base
classifiers), J48 had the best benign class recall of 0.973
amongst the five base classifiers. Random tree-100 had the
best malware class recall of 0.948 out of the five base clas-
sifiers. J48 had the highest weighted F-measure of 0.9684.
This is less than the weighted F-measure of all combination
schemes (shown in Table X) except the AAB+CDB scheme
which had a weighed F-measure of 0.9618. These intermediate
results of the DroidFusion approach demonstrate the potential
performance improvement obtainable in the final model.
Table XI shows the results of the base classifiers and the
final DroidFusion model on the test set. The table and the
IEEE TRANSACTIONS ON CYBERNETICS
TABLE IX
M C A FEE T RAIN -VALIDATION S ET R ESULTS AND L EVEL -2
A LGORITHM -BASED R ANKINGS FOR THE BASE C LASSIFIERS
(5 = H IGHEST R ANK AND 1 = L OWEST )
TABLE X
M C A FEE 350 T RAIN -VALIDATION S ET L EVEL -2 C OMBINATION
S CHEMES I NTERMEDIATE R ESULTS
graphs in Fig. 5 clearly show that DroidFusion increases
performance accuracy over the single-algorithm base classi-
fiers. DroidFusion results are equal to that of majority vote
and average of probabilities but perform better than the max-
imum probability and multischeme methods. This is because,
(17) selected mv as the strongest classifier over any of the
pairs based on the computations on the initial N-fold cross-
validation predictions of the base classifiers. The mv scheme
in this case achieved a W-FM of 0.9735 compared to 0.9724
obtained by CDB+RAPC (S2S3 pair) and RAPC+RACD
(S3S4 pair). Therefore, DroidFusion was configured to use
(13)–(16) on the test set. However, if either of the strongest
pairs had been used, it would result in a weighted F-measure
performance of 0.9777 on the test set; which still surpasses the
weighted F-measures from maximum probability (0.9423) and
those of the five original base classifiers. These results once
again confirm the effectiveness of the proposed DroidFusion
approach. In the next section, we presents results obtained
from experiments investigating ensemble learners as base
classifiers.
D. Performance of DroidFusion With the McAfee-100
Dataset Using Ensemble Learners As Base Classifiers
In this section, we present results of experiments per-
formed to investigate the feasibility of utilizing DroidFusion to
enhance accuracy performance by combining ensemble clas-
sifiers rather than traditional singular classifiers. Ensemble
learners have been shown to perform well in classification
problems [14], [33]. Our goal is to investigate whether by
using DroidFusion for fusion of ensemble classifiers, further
accuracy improvements can be achieved. For our ensemble
learning-based experiments, we reduced the number of fea-
tures from 350 down to 100 using the IG feature ranking tech-
nique (31)–(33). The ensemble learners considered as example
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION
TABLE XI
M C A FEE 350 C OMPARISON OF D ROID F USION W ITH BASE C LASSIFIERS
AND T RADITIONAL C OMBINATION S CHEMES ON T EST S ET
Fig. 5. Weighted F-measure results from the McAfee-350 dataset experi-
ments.
base classifiers include: random forest [39], AdaBoost [40]
(with random tree base classifier), random committee (with
random tree base classifier), random subspace [41] (with ran-
dom tree base classifier), and random subspace with REPTree
base classifier. Note that the two random subspace learners
with different base classifiers yield completely different mod-
els. In terms of number of iterations for the ensemble learners
the configurations used were: AdaBoost (25 iterations), ran-
dom forest, random committee, and random subspace (ten
iterations each). Our choice of random tree as base learner
for the ensemble (base) classifiers comes from our prelimi-
nary experiments (omitted due to space constraint) which also
confirms previous suggestion that it produces the strongest
classifiers for most ensemble methods [42]. In the prelimi-
nary experiments, it was also found that by taking the top 100
features only a marginal drop in performance was observed for
the ensemble base classifiers. Hence, this enabled us undertake
the experiments with ensemble classifiers using a significantly
reduced dimension while using the same number of instances
(i.e., 36 183).
Table XII shows the accuracy performance of the five
ensemble models used as the DroidFusion base classifiers on
the training-validation set instances (using the tenfold cross-
validation). The corresponding AAB, CDB, RAPC, and RACD
11
TABLE XII
M C A FEE 100 T RAIN -VALIDATION S ET R ESULTS AND L EVEL -2
A LGORITHM -BASED R ANKINGS FOR THE (E NSEMBLE ) BASE
C LASSIFIERS (5 = H IGHEST R ANK AND 1 = L OWEST )
TABLE XIII
M C A FEE -100 T RAIN -VALIDATION S ET L EVEL -2 C OMBINATION
S CHEMES I NTERMEDIATE R ESULTS
Fig. 6. Weighted F-measure results from the McAfee-100 dataset experi-
ments with ensemble base classifiers.
rankings are also depicted. Similar to the previous experi-
ments, the level-2 combination schemes performance improves
on that of the individual ensemble classifiers. This is also
indicative of potential performance improvement obtainable
when the final model is constructed. In this case, AAB+RAPC
(S1S3 pair) is the recommended configuration as seen from
Table XIII results.
In Table XIV, the test set results of the ensemble clas-
sifiers and those of DroidFusion are given. The results of
multischeme, majority vote, average of probabilities, and max-
imum probabilities are also shown. DroidFusion improves
benign recall rates over all of the ensemble models in the
base classifier level. The overall weighted F-measure of
DroidFusion is the highest as shown in Table XIV and Fig. 6
graphs. This shows that the DroidFusion approach can also be
effectively applied for fusion of ensemble classifiers.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

12 IEEE TRANSACTIONS ON CYBERNETICS

TABLE XIV
M C A FEE 100 C OMPARISON OF D ROID F USION W ITH (E NSEMBLE ) BASE
C LASSIFIERS AND T RADITIONAL C OMBINATION S CHEMES ON T EST S ET

Fig. 7. DroidFusion versus stacking results (weighted F-measure).

TABLE XV
D ROID F USION V ERSUS S TACKED G ENERALIZATION
FOR THE F OUR DATASETS

E. Performance of DroidFusion Versus

Stacked Generalization
Stacked generalization [43], has a similar (multilevel) archi-
tecture to DroidFusion. It is also a well-known framework
for classifier fusion which has been extensively studied and
applied to many machine learning problems. For this reason,
we compared our proposed approach to the stacked generaliza-
tion method. One noticeable difference between our approach
and stacked generalization is that instead of training with a
meta- learner in level-2, we utilized a computational approach
where ranking algorithms are used to combine the outcomes
of the lower level classifiers. We used the StackingC imple-
mentation in WEKA which uses a linear regression meta
TABLE XVI
classifier in level-2. Note that this is considered to be the A NALYSIS OF A PP P ROCESSING T IME
most effective stacked generalization configuration [44] (given
that any learning algorithm can be chosen as the meta classi-
fier). The StackingC learner is also configured to use tenfold
cross-validation when combining the base learners.
Applying the stacked generalization algorithm to the same
base classifiers and with the same four datasets the results
are given in Fig. 7 and Table XV. From Fig. 7, the weighted
F-measures comparative results for the four datasets showed
that StackingC achieved a better performance only in the
case of the Malgenome-215 dataset. On all the other three app which can range between a few kilobytes to a several
datasets, DroidFusion performed better. A notable advantage megabytes. Hence, the average unzipping and disassembly
of DroidFusion over Stacking is that it provides a wider range time was 0.739 s while the average time to analyze the man-
of criteria for weighting and fusion of base classifiers through ifest and extract permissions, intents, etc. was 0.0048 s. The
the use of four separate algorithms; by contrast, stacking (with rest of the processing involves mining the disassembled files
liner regression meta classifier) effectively combines classifiers and scanning for other attributes. This took on average 6.4 s.
based on only one criterion (i.e., weighting the base classi- The total average processing time for the apps was therefore
fiers according to their relative strengths (overall performance approximately 7.145 s. During the experiments the feature vec-
accuracies) [44]). tors were fed into trained models for testing. The DroidFusion
model testing times were 0.07 s (for 759 instances), 0.38 s
(for 1503 instances), 7.02 s (for 3618 instances), and 0.22 s
F. Analysis of Time Performance (for 3618 instances) in the four sets of experimental results
As mentioned earlier, the app processing to extract features presented earlier. These figures clearly illustrate the scalabil-
was done using our bespoke Python-based tool described in ity of static-based features solution with only an average of
Section IV-A. Table XVI presents an overview of app pro- just over 7 s required to process an app and classify it using a
cessing time estimates. This is dependent on the size of the trained DroidFusion model. Thus, it is feasible in practice to
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
YERIMA AND SEZER: DroidFusion: NOVEL MULTILEVEL CLASSIFIER FUSION APPROACH FOR ANDROID MALWARE DETECTION
deploy the system for scenarios requiring rapid analyses for
large scale vetting or screening of apps.
Note that although this paper is based on specific static
features, classifiers trained from other types of features can
also be combined using DroidFusion. Basically, DroidFusion
is agnostic to the feature engineering process.
G. Limitations of DroidFusion
Although the proposed general-purpose DroidFusion
approach has been demonstrated empirically to enable
improved accuracy performance by classifier fusion, there
is scope for further improvement. The current DroidFusion
design is aimed at binary classification. Future work could
investigate extending the algorithms in the DroidFusion
framework to handle multiclass problems.
VI. C ONCLUSION
In this paper, we proposed a novel general purpose
multilevel classifier fusion approach (DroidFusion) for
Android malware detection. The DroidFusion framework
is based on four proposed ranking-based algorithms that
enable higher-level fusion using a computational approach
rather than the traditional meta classifier training that is
used for example in stacked generalization. We empiri-
cally evaluated DroidFusion using four separate datasets. The
results presented demonstrates its effectiveness for improving
performance using both nonensemble and ensemble base clas-
sifiers. Furthermore, we showed that our proposed approach
can outperform stacked generalization whilst utilizing only
computational processes for model building rather than train-
ing a meta classifier at the higher level.
R EFERENCES
[1] Smartphone OS Market Share Worldwide 2009-2015 Statistics,
Statista, Hamburg, Germany, 2017. [Online]. Available:
https://www.statista.com/statistics/263453/global-market-share-held-
by-smartphone-operating-systems
[2] McAfee Labs Threat Predictions Report, McAfee Labs, Santa Clara, CA,
USA, Mar. 2016.
[3] Y. Zhou and X. Jiang, “Dissecting Android malware: Characterization
and evolution,” in Proc. IEEE Symp. Security Privacy (SP),
San Francisco, CA, USA, May 2012, pp. 95–109.
[4] D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck,
“Drebin: Efficient and explainable detection of Android malware in your
pocket,” in Proc. 20th Annu. Netw. Distrib. Syst. Security Symp. (NDSS),
San Diego, CA, USA, Feb. 2014, pp. 1–15.
[5] A. Apvrille and R. Nigam. (Jul. 2014). Obfuscation in Android
Malware and How to Fight Back Virus Bulletin. Accessed: Sep. 2017.
[Online]. Available: https://www.virusbulletin.com/virusbulletin/
2014/07/obfuscation-android-malware-and-how-fight-back
[6] Y. Jing, Z. Zhao, G.-J. Ahn, and H. Hu, “Morpheus: Automatically gen-
erating heuristics to detect Android emulators,” in Proc. 30th Annu.
Comput. Security Appl. Conf. (ACSAC), New Orleans, LA, USA,
Dec. 2014, pp. 216–225.
[7] T. Vidas and N. Christin, “Evading Android runtime analysis via sand-
box detection,” in Proc. 9th ACM Symp. Inf. Comput. Commun. Security,
Kyoto, Japan, Jun. 2014, pp. 447–458.
[8] T. Petsas, G. Voyatzis, E. Athanasopoulos, M. Polychronakis, and
S. Ioannidis, “Rage against the virtual machine: Hindering dynamic
analysis of Android malware,” in Proc. 7th Eur. Workshop Syst. Security
(EuroSec), Amsterdam, The Netherlands, Apr. 2014, p. 5.
[9] F. Matenaar and P. Schulz. (Aug. 2012). Detecting Android
Sandboxes. Accessed: Nov. 2017. [Online]. Available:
http://www.dexlabs.org/blog/btdetect
13
[10] S. R. Choudhary, A. Gorla, and A. Orso, “Automated test input gen-
eration for Android: Are we there yet?” in Proc. 30th IEEE/ACM Int.
Conf. Autom. Softw. Eng. (ASE), Nov. 2015, pp. 429–440.
[11] D.-J. Wu, C.-H. Mao, T.-E. Wei, H.-M. Lee, and K.-P. Wu, “DroidMat:
Android malware detection through manifest and API calls tracing,” in
Proc. 7th Asia Joint Conf. Inf. Security (Asia JCIS), 2012, pp. 62–69.
[12] S. Y. Yerima, S. Sezer, and I. Muttik, “Android malware detection: An
eigenspace analysis approach,” in Proc. Sci. Inf. Conf. (SAI), London,
U.K., Jul. 2015, pp. 1236–1242.
[13] S. Y. Yerima, S. Sezer, and I. Muttik, “Android malware detection using
parallel machine learning classifiers,” in Proc. 8th Int. Conf. Next Gener.
Mobile Apps Services Technol. (NGMAST), Oxford, U.K., Sep. 2014,
pp. 37–42
[14] S. Y. Yerima, S. Sezer, and I. Muttik, “High accuracy Android mal-
ware detection using ensemble learning,” IET Inf. Security, vol. 9, no. 6,
pp. 313–320, Nov. 2015.
[15] M. V. Varsha, P. Vinod, and K. A. Dhanya, “Identification of malicious
Android app using manifest and opcode features,” J. Comput. Virol.
Hacking Tech., vol. 13, no. 2, pp. 125–138, 2017.
[16] A. Sharma and S. K. Dash, “Mining API calls and permissions for
Android malware detection,” in Cryptology and Network Security. Cham,
Switzerland: Springer Int., 2014, pp. 191–205.
[17] P. P. K. Chan and W.-K. Song, “Static detection of Android malware
by using permissions and API calls,” in Proc. Int. Conf. Mach. Learn.
Cybern., vol. 1. Lanzhou, China, Jul. 2014, pp. 82–87.
[18] W. Wang et al., “Exploring permission-induced risk in Android appli-
cations for malicious application detection,” IEEE Trans. Inf. Forensics
Security, vol. 9, no. 11, pp. 1869–1882, Nov. 2014.
[19] M. Fan et al., “DAPASA: Detecting Android piggybacked apps through
sensitive subgraph analysis,” IEEE Trans. Inf. Forensics Security, vol. 12,
no. 8, pp. 1772–1785, Aug. 2017.
[20] L. Cen, C. S. Gates, L. Si, and N. Li, “A probabilistic discriminative
model for Android malware detection with decompiled source code,”
IEEE Trans. Depend. Secure Comput., vol. 12, no. 4, pp. 400–412,
Jul./Aug. 2015.
[21] Westyarian, Y. Rosmansyah, and B. Dabarsyan, “Malware detec-
tion on Android smartphones using API class and machine learn-
ing,” in Proc. Int. Conf. Elect. Eng. Informat. (ICEEI), Aug. 2015,
pp. 294–297.
[22] F. Idrees and M. Rajarajan, “Investigating the Android intents and per-
missions for malware detection,” in Proc. 10th IEEE Int. Conf. Wireless
Mobile Comput. Netw. Commun. (WiMob), Oct. 2014, pp. 354–358.
[23] B. Kang, S. Y. Yerima, S. Sezer, and K. McLaughlin, “N-gram opcode
analysis for Android malware detection,” Int. J. Cyber Situational
Awareness, vol. 1, no. 1, pp. 231–254, Nov. 2016.
[24] M. Zhao, F. Ge, T. Zhang, and Z. Yuan, “AntiMalDroid: An effi-
cient SVM-based malware detection framework for Android,” in
Communications in Computer and Information Science, vol. 243, C. Liu,
J. Chang, and A. Yang, Eds. Heidelberg, Germany: Springer, 2011.
pp. 158–166.
[25] W.-C. Wu and S.-H. Hung, “DroidDolphin: A dynamic Android malware
detection framework using big data and machine learning,” in Proc. ACM
Conf. Res. Adapt. Convergent Syst. (RACS), Towson, MD, USA, 2014,
pp. 247–252.
[26] V. M. Afonso, M. F. de Amorim, A. R. A. Grégio, G. B. Junquera, and
P. L. de Geus, “Identifying Android malware using dynamically obtained
features,” J. Comput. Virol. Hacking Tech., vol. 11, no. 1, pp. 9–17,
2014.
[27] M. K. Alzaylaee, S. Y. Yerima, and S. Sezer, “EMULATOR vs
REAL PHONE: Android malware detection using machine learning,”
in Proc. 3rd ACM Int. Workshop Security Privacy Anal. (IWSPA),
Scottsdale, AZ, USA, Mar. 2017, pp. 65–72.
[28] M. Lindorfer, M. Neugschwandtner, and C. Platzer, “MARVIN:
Efficient and comprehensive mobile app classification through static
and dynamic analysis,” in Proc. IEEE 39th Annu. Comput. Softw. Appl.
Conf. (COMPSAC), 2015, pp. 422–433.
[29] D. Gaikwad and R. Thool, “DAREnsemble: Decision tree and rule
learner based ensemble for network intrusion detection system,”
in Proc. 1st Int. Conf. Inf. Commun. Technol. Intell. Syst., 2016,
pp. 185–193.
[30] A. Balon-Perlin and B. Gambäck, “Ensembles of decision trees for
network intrusion detection systems,” Int. J. Adv. Security, vol. 6,
nos. 1–2, pp. 62–77, 2013.
[31] M. Panda and M. R. Patra, “Ensembling rule based classifiers for
detecting network intrusions,” in Proc. Int. Conf. Adv. Recent Technol.
Commun. Comput., 2009, pp. 19–22, doi: 10.1109/ARTCom.2009.121.
 This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
14
[32] A. Zainal, M. A. Maarof, S. M. Shamsuddin, and A. Abraham,
“Ensemble of one-class classifiers for network intrusion detection
system,” in Proc. 4th Int. Conf. Inf. Assurance Security, 2008,
pp. 180–185, doi: 10.1109/IAS.2008.35.
[33] L. D. Coronado-De-Alba, A. Rodriguez-Mota, and
P. J. Escamilla-Ambrosio, “Feature Selection and ensemble of
classifiers for Android malware detection,” in Proc. 8th IEEE Latin
Amer. Conf. Commun. (LATINCOM), Nov. 2016, pp. 1–6.
[34] M. K. Alzaylaee, S. Y. Yerima, and S. Sezer, “Improving dynamic anal-
ysis of Android apps using hybrid test input generation,” in Proc. Int.
Conf. CyberSecurity Protect. Digit. Services (Cyber Security), London,
U.K., Jun. 2017, pp. 1–8.
[35] Y. Aafer, W. Du, and H. Yin, “DroidAPIMiner: Mining API-level
features for robust malware detection in Android,” in Proc. 9th Int.
Conf. Security Privacy Commun. Netw. (SecureComm), Sydney, NSW,
Australia, Sep. 2013, pp. 86–103.
[36] T. Book, A. Pridgen, and D. S. Wallach, “Longitudinal analysis of
Android ad library permissions,” in Proc. Mobile Security Technol.
Conf. (MoST), San Francisco, CA, USA, May 2013.
[37] M. Hall et al., “The WEKA data mining software: An update,” ACM
SIGKDD Explor. Newslett., vol. 11, no. 1, pp. 10–18, Jun. 2009.
[38] T. M. Cover and J. A. Thomas, Elements of Information Theory, 2nd ed.
Hoboken, NJ, USA: Wiley, 2006, p. 41.
[39] L. Breiman, “Random forests,” Mach. Learn., vol. 45, no. 1, pp. 5–32,
2001.
[40] Y. Freund and R. E. Schapire, “Experiments with a new boosting
algorithm,” in Proc. 13th Int. Conf. Mach. Learn., Bari, Italy, 1996,
pp. 148–156.
[41] T. K. Ho, “The random subspace method for constructing decision
forests,” IEEE Trans. Pattern Anal. Mach. Intell., vol. 20, no. 8,
pp. 832–844, Aug. 1998.
[42] T. K. Ho, “Random decision forests,” in Proc. 3rd Int. Conf. Document
Anal. Recognit., 1995, pp. 278–282.
[43] D. H. Wolpert, “Stacked generalization,” Neural Netw., vol. 5, no. 2,
pp. 241–259, 1992.
[44] K. M. Ting and I. H. Witten, “Issues in stacked generalization,” J. Artif.
Intell. Res., vol. 10, no. 1, pp. 271–289, Jan. 1999.
[45] T. Ban, T. Takahashi, S. Guo, D. Inoue, and K. Nakao, “Integration of
multi-modal features for Android malware detection using linear SVM,”
in Proc. 11th Asia Joint Conf. Inf. Security, 2016, pp. 141–146.
[46] Z. Ni, M. Yang, Z. Ling, J.-N. Wu, and J. Luo, “Real-time detection of
malicious behavior in Android apps,” in Proc. Int. Conf. Adv. Cloud Big
Data (CBD), Chengdu, China, 2016, pp. 221–227.
[47] Z. Wang, J. Chai, S. Chen, and W. Li, “DroidDeepLearner: Identifying
Android malware using deep learning,” in Proc. IEEE 37th Sarnoff
Symp., Newark, NJ, USA, 2016, pp. 160–165.
[48] S. Wu, P. Wang, X. Li, and Y. Zhang, “Effective detection of Android
malware based on the usage of data flow APIs and machine learning,”
Inf. Softw. Technol., vol. 75, pp. 17–25, Jul. 2016.
[49] M.-Y. Su, J.-Y. Chang, and K.-T. Fung, “Machine learning on merg-
ing static and dynamic features to identify malicious mobile apps,” in
Proc. 9th Int. Conf. Ubiquitous Future Netw. (ICUFN), Milan, Italy,
Jul. 2017, pp. 863–867.
[50] N. Milosevic, A. Dehghantanha, and K.-K. R. Choo, “Machine learning
aided Android malware classification,” Comput. Elect. Eng., vol. 61,
pp. 266–274, Jul. 2017.
[51] W. Wang, Y. Li, X. Wang, J. Liu, and X. Zhang, “Detecting Android
malicious apps and categorizing benign apps with ensemble of classi-
fiers,” Future Gener. Comput. Syst., vol. 78, pp. 987–994, Jan. 2017.
[52] X. Wang et al., “Characterizing Android apps’ behavior for effec-
tive detection of malapps at large scale,” Future Gener. Comput. Syst.,
vol. 75, pp. 30–45, Oct. 2017.
IEEE TRANSACTIONS ON CYBERNETICS
[53] A. Mahindru and P. Singh, “Dynamic permissions based Android mal-
ware detection using machine learning techniques,” in Proc. 10th Innov.
Softw. Eng. Conf., Jaipur, India, Feb. 2017, pp. 202–210.
[54] M. Yang, S. Wang, Z. Ling, Y. Liu, and Z. Ni, “Detection of mali-
cious behavior in Android apps through API calls and permission uses
analysis,” Concurrency Comput. Pract. Exp., vol. 29, no. 19, 2017,
Art. no. e4172, doi: 10.1002/cpe.4172.
[55] F. Idrees, M. Rajarajan, M. Conti, T. M. Chen, and Y. Rahulamathavan,
“PIndroid: A novel Android malware detection system using ensemble
learning methods,” Comput. Security, vol. 68, pp. 36–46, Jul. 2017.
Suleiman Y. Yerima (M’04) received the B.Eng.
degree (First Class) in electrical and computer engi-
neering from the Federal University of Technology,
Minna, Nigeria, the M.Sc. degree (with distinction)
in personal, mobile, and satellite communications
from the University of Bradford, Bradford, U.K.,
and the Ph.D. degree in mobile computing and
communications from the University of South
Wales, Pontypridd, U.K. (formerly, the University
of Glamorgan), in 2009.
He is a Senior Lecturer of cyber security with
De Montfort University, Leicester, U.K. He was a Research Fellow with
the Centre for Secure Information Technologies, Queen’s University Belfast,
Belfast, Northern Ireland, where he led the mobile security research
theme, from 2012 to 2017. He was a member of the Mobile Computing
Communications and Networking Research Group with University of
Glamorgan, from 2005 to 2009. From 2010 to 2012, he was with the
U.K.—India Advanced Technology Centre of Excellence in Next Generation
Networks, Systems and Services, University of Ulster, Coleraine, Northern
Ireland.
Dr. Yerima is a member of IAENG professional societies. He is also a
Certified Information Systems Security Professional and a Certified Ethical
Hacker. He was the recipient of the 2017 IET Information Security premium
(best paper) award.
Sakir Sezer (M’00) received the Dipl.Ing. degree
in electrical and electronic engineering from RWTH
Aachen University, Aachen, Germany, and the Ph.D.
degree from Queens University Belfast, Belfast,
Northern Ireland, in 1999.
He is currently the Secure Digital Systems
Research Director and the Head of network
security research with the School of Electronics
Electrical Engineering and Computer Science.
Queens University Belfast. He is also the Cofounder
and the CTO of Titan IC Systems, Belfast. His
research is leading major (patented) advances in the field of high-performance
content processing and is currently commercialized by Titan IC Systems. He
has co-authored over 120 conference and journal papers in the areas of high-
performance network, content processing, and system on chip.
Prof. Sezer was a recipient of number of prestigious awards, including
InvestNI, Enterprise Ireland and Intertrade Ireland innovation and Enterprise
Awards, and the InvestNI Enterprise Fellowship. He is a member of the IEEE
International System-on-Chip Conference Executive Committee.