**5. Discussion**

With rapidly developing technology, the use of smartphones with new features and associated Android applications has increased. Statista reported that 1.3 billion smartphones will be used by 2023. This also brings challenges for the researchers and developers of security mechanisms for these applications, originating in the new complexities and vulnerabilities of the Android applications that hackers can quickly exploit.

Considering that Android applications of digital e-commerce, e-business, savings, and online banking are associated with confidential and appreciated information communicated within the mobile network, it is important to evaluate the application data in terms of accomplishing proper security. Machine and deep learning algorithms are used to monitor the detection of malicious attacks against Android applications to ensure that security openings do not occur within this network. The present research contributes to the area

of cybersecurity by developing a system based on machine learning and deep learning algorithms to detect anomalies in signature databases, thus, permitting the system to detect unknown attacks.

As we know, the network has a very complex format; in this study, nonlinear models were proposed to achieve high accuracy, whereas linear, namely LDA and KNN, models achieved slightly worse performance. The accuracy performance of LDA was 45.32% in the CICAndMal2017 dataset, and the accuracy performance improved to 81.35% using the Drebin dataset. It was observed that the KNN model achieved little accuracy, 81.57%, using the Drebin dataset. We observed that the LDA and KNN algorithms are not appropriate for detecting Android malware. In deep learning models, the AE mode results were not satisfactory for detecting the mobile attacks. The AE achieved 75.79% and 56.65% with respect to the CICAndMal2017 and Drebin datasets. The AE is composed of the encoder and decoder models; the encoder compresses the input data, whereas the decoder is used to recreate the input from the encoder. Overall, we observed that these models did not achieve good results due to the research datasets being binary data.

Furthermore, using the support vector machine, LSTM and CNN-LSTM algorithms achieved high accuracy performance for developing an appropriate system that can support the security of smartphones against malware. Two standard datasets were used. The SVM model achieved an accuracy of 100% using the CICAndMal2017 dataset and the LSTM algorithm achieved 99.40% using the Drebin dataset.

Our system was compared with existing systems of machine learning and deep learning models that detect malware for the security of Android applications. The mechanism of the proposed system is based on the pattern of dataset behavior for detecting the attacks. The LSTM model had an accuracy of 99.40% in the case of the Drebin dataset, indicating that it is a robust model to handle Android security vulnerabilities. Recently, by employing a CNN model on an Android platform, the system was found to achieve high accuracy; however, our system is more accurate against all systems. Table 13 show the results of our system against existing security systems using the same dataset. The graphic representation of our system and other existing systems' results with respect to the accuracy metrics is presented in Figure 21. Overall, the system we propose achieved the highest accuracy.


**Table 13.** Results of the proposed system against existing security systems using the Drebin dataset.

**Figure 21.** Comparative performance of the proposed system against existing systems in the detection of malware against Android applications using the Drebin dataset.

Table 14 display the results of the proposed system and other existing Android cybersecurity systems that use the machine and deep learning algorithms applied to different Android datasets. To confirm the results of the proposed system against other Android security systems, we compared recent systems' results with ours, with the latter achieving high accuracy. The graphic representation of these results is presented in Figure 22.



**Figure 22.** Comparative performance of the proposed system against existing systems in the detection of malware against Android applications using different datasets.
