To address the growing sophistication of Android malware and the low accuracy and high computational overhead of conventional detection methods, this paper proposes an attention-enhanced MLP-SVM fusion framework. We introduce a novel attention-guided lightweight feature selection paradigm that distills 47 highly discriminative features from raw inputs, followed by Linear Discriminant Analysis (LDA) to compress them into 14-dimensional discriminative components. On this minimal yet expressive representation, we jointly leverage an attention-enhanced multilayer perceptron (MLP) and an RBF-kernel support vector machine (SVM) for accurate malware detection and family classification. Evaluated on the CCS-CIC-AndMal-2020 dataset, our method achieves 99.03% accuracy—surpassing all existing state-of-the-art approaches—while significantly reducing computational complexity and mitigating model evolution sensitivity. The framework thus delivers both high efficiency and strong robustness.

The escalating sophistication of Android malware poses significant challenges to traditional detection methods, necessitating innovative approaches that can efficiently identify and classify threats with high precision. This paper introduces a novel framework that synergistically integrates an attention-enhanced Multi-Layer Perceptron (MLP) with a Support Vector Machine (SVM) to make Android malware detection and classification more effective. By carefully analyzing a mere 47 features out of over 9,760 available in the comprehensive CCCS-CIC-AndMal-2020 dataset, our MLP-SVM model achieves an impressive accuracy over 99% in identifying malicious applications. The MLP, enhanced with an attention mechanism, focuses on the most discriminative features and further reduces the 47 features to only 14 components using Linear Discriminant Analysis (LDA). Despite this significant reduction in dimensionality, the SVM component, equipped with an RBF kernel, excels in mapping these components to a high-dimensional space, facilitating precise classification of malware into their respective families. Rigorous evaluations, encompassing accuracy, precision, recall, and F1-score metrics, confirm the superiority of our approach compared to existing state-of-the-art techniques. The proposed framework not only significantly reduces the computational complexity by leveraging a compact feature set but also exhibits resilience against the evolving Android malware landscape.