AIMD: AI-powered android malware detection for securing AIoT devices and networks using graph embedding and ensemble learning

The rapid evolution of Artificial Intelligence of Things (AIoT) is accelerating the development of smart societies, where interconnected consumer electronics such as smartphones, IoT devices, smart meters, and surveillance systems play a crucial role in optimizing operational efficiency and service delivery. However, this hyper-connected digital ecosystem is increasingly vulnerable to sophisticated Android malware attacks that exploit system weaknesses, disrupt services, and compromise data privacy and integrity. These malware variants leverage advanced evasion techniques, including permission abuse, dynamic runtime manipulation, and memory-based obfuscation, rendering traditional detection methods ineffective. The key challenges in securing AIoT-driven smart societies include managing high-dimensional feature spaces, detecting dynamically evolving malware behaviours, and ensuring real-time classification performance. To address these issues, this paper proposed an AI-powered Android Malware Detection (AIMD) framework designed for AIoT-enabled smart society environments. The framework extracts multi-level features (permissions, intents, API calls, and obfuscated memory patterns) from Android APK files and employs graph embedding techniques (DeepWalk and Node2Vec) for dimensionality reduction. Feature selection is optimized using the Red Deer Algorithm (RDA), a metaheuristic approach, while classification is performed through an ensemble of machine learning models (Support Vector Machine, Decision Tree, Random Forest, Extra Trees) enhanced by bagging, boosting, stacking, and soft voting techniques. Experimental evaluations on CICInvesAndMal2019 and CICMalMem2022 datasets demonstrate the effectiveness of the proposed system, achieving malware detection accuracies of 98.78% and 99.99%, respectively. By integrating AI-driven malware detection into AIoT infrastructures, this research advances cybersecurity resilience, safeguarding smart societies against emerging threats in an increasingly connected world.