A Review of Explainable AI for Android Malware Detection and Analysis
Recent advances in complex machine learning models have significantly enhanced Android malware detection and analysis. However, these models often operate as closed boxes, making it difficult to understand which aspects of the input data influence their decisions. Such interpretability is essential...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11122514/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849340365587349504 |
|---|---|
| author | Maryam Tanha Somayeh Kafaie |
| author_facet | Maryam Tanha Somayeh Kafaie |
| author_sort | Maryam Tanha |
| collection | DOAJ |
| description | Recent advances in complex machine learning models have significantly enhanced Android malware detection and analysis. However, these models often operate as closed boxes, making it difficult to understand which aspects of the input data influence their decisions. Such interpretability is essential for building trust and improving model robustness and performance. This paper reviews and analyzes recent research on explainable artificial intelligence (XAI) techniques applied to Android malware detection. We identify key objectives for integrating explainability, examine current XAI techniques used for explaining the results of Android malware detectors, and their limitations. We also examine the metrics used to evaluate explanation quality. Furthermore, we introduce a system that utilizes the MITRE ATT&CK framework to enhance and structure feature-based explanations. Lastly, we highlight current challenges and suggest directions for future research in this emerging field. |
| format | Article |
| id | doaj-art-6379e8dd1c0847eaa952f36e7dd3ee0e |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-6379e8dd1c0847eaa952f36e7dd3ee0e2025-08-20T03:43:55ZengIEEEIEEE Access2169-35362025-01-011314195814197410.1109/ACCESS.2025.359757511122514A Review of Explainable AI for Android Malware Detection and AnalysisMaryam Tanha0https://orcid.org/0000-0001-7281-1943Somayeh Kafaie1Khoury College of Computer Sciences, Northeastern University, Vancouver, BC, CanadaDepartment of Mathematics and Computing Science, Saint Mary’s University, Halifax, NS, CanadaRecent advances in complex machine learning models have significantly enhanced Android malware detection and analysis. However, these models often operate as closed boxes, making it difficult to understand which aspects of the input data influence their decisions. Such interpretability is essential for building trust and improving model robustness and performance. This paper reviews and analyzes recent research on explainable artificial intelligence (XAI) techniques applied to Android malware detection. We identify key objectives for integrating explainability, examine current XAI techniques used for explaining the results of Android malware detectors, and their limitations. We also examine the metrics used to evaluate explanation quality. Furthermore, we introduce a system that utilizes the MITRE ATT&CK framework to enhance and structure feature-based explanations. Lastly, we highlight current challenges and suggest directions for future research in this emerging field.https://ieeexplore.ieee.org/document/11122514/Androidexplainabilityinterpretabilitymachine learningmalwaresecurity |
| spellingShingle | Maryam Tanha Somayeh Kafaie A Review of Explainable AI for Android Malware Detection and Analysis IEEE Access Android explainability interpretability machine learning malware security |
| title | A Review of Explainable AI for Android Malware Detection and Analysis |
| title_full | A Review of Explainable AI for Android Malware Detection and Analysis |
| title_fullStr | A Review of Explainable AI for Android Malware Detection and Analysis |
| title_full_unstemmed | A Review of Explainable AI for Android Malware Detection and Analysis |
| title_short | A Review of Explainable AI for Android Malware Detection and Analysis |
| title_sort | review of explainable ai for android malware detection and analysis |
| topic | Android explainability interpretability machine learning malware security |
| url | https://ieeexplore.ieee.org/document/11122514/ |
| work_keys_str_mv | AT maryamtanha areviewofexplainableaiforandroidmalwaredetectionandanalysis AT somayehkafaie areviewofexplainableaiforandroidmalwaredetectionandanalysis AT maryamtanha reviewofexplainableaiforandroidmalwaredetectionandanalysis AT somayehkafaie reviewofexplainableaiforandroidmalwaredetectionandanalysis |