Feature-Centric Approaches to Android Malware Analysis: A Survey

Sophisticated malware families exploit the openness of the Android platform to enable large-scale disruption, data exfiltration, and denial-of-service attacks, including the infiltration of IoT infrastructures. This systematic literature review examines cutting-edge approaches to Android malware analysis, with implications for securing resource-constrained environments. We analyze feature extraction techniques across static, dynamic, hybrid, and graph-based methods, highlighting their respective trade-offs. Static analysis offers efficiency but is easily circumvented through obfuscation, whereas dynamic analysis provides stronger resistance to evasive behaviors at the cost of higher computational overhead, often unsuitable for lightweight devices. Hybrid approaches aim to balance accuracy with resource efficiency, while graph-based methods deliver enhanced semantic modeling and adversarial robustness. This survey provides a structured comparison of existing techniques, identifies open research gaps, and outlines a roadmap for future work to improve scalability, adaptability, and long-term resilience in Android malware detection.