Hybrid Dto-Rsa And Gan-Bilstm Based Static And Dynamic Analysis Approach For Efficient Intrusion Detection In Android Application

Abstract

An Intrusion Detection System (IDS) serves as a security mechanism that continuously observes android malware apps activities, aiming to identify unauthorized access, suspicious behavior, or policy breaches. While machine learning and deep learning enhance IDS capabilities, they face challenges such as adapting to evolving attack strategies, ensuring efficient real-time detection, and mitigating adversarial manipulation attempts. To address these challenges, the Hybrid GAN-BiLSTM model integrates adversarial learning for robust feature augmentation and uses Bi-LSTM's contextual patterns, ensuring enhanced resilience against imbalanced data and dynamic malware behaviors. The system processes a static- dynamic malware analysis dataset with advanced techniques such as Recurrent Batch Normalization (RBN) for stability, Stochastic Regression Imputation (SRI) for missing data, and Multiview Subspace Clustering (MSC) to remove redundancy. The feature selection is improved by the hybrid Dipper Throated Optimization - Reptile Search Algorithm (DTO- RSA) technique. To identify malware, a hybrid Generative Adversarial Network- Bidirectional Long Short-Term Memory (GAN-BiLSTM) model is used, which combines sequential pattern analysis and adversarial learning. The system predicts potential threats by refining feature extraction and classification process. The proposed method obtains a PPV of 89.20%, False Discovery Rate of 10.80% and F1_Score of 89.85% for malware prediction respectively. The proposed approach utilizes a GAN-BiLSTM model to enhance malware prediction accuracy by generating synthetic data and leveraging the Bi-LSTM for better feature learning. This advanced method improves the performance of an Intrusion Detection System by effectively handling both temporal features, ensuring more robust anomaly detection.