Text
PENDEKATAN KEBARUAN ALGORITMA MULTI-ROBOT DALAM PENANGGULANGAN SERANGAN DINI CYBERCRIME MALWARE ANDROID
The growth of the Android ecosystem in Indonesia has increased the complexity of cybersecurity threats, particularly through the spread of malicious APK files disguised as legitimate applications. Attack methods such as fake digital invitations containing banking malware, as well as the use of obfuscation, polymorphism, and dynamic behavior manipulation techniques, have rendered signature-based detection methods ineffective. The absence of a representative local dataset further limits the ability of detection models to recognize the unique characteristics of domestic threats. This study tackles these issues by creating a detection system that uses both static and dynamic analysis and a multi-robot algorithm. The dataset was constructed from APK samples collected through the Ibnu Maksum Telegram channel and verified using VirusTotal. Static analysis was conducted using apktool, while dynamic analysis utilized an emulator and Mobile Security Framework (MobSF) to monitor system calls, API traces, network behavior, and execution patterns. Together, these approaches produced 47 hybrid features that were processed through data cleaning, normalization, feature selection, SMOTE, and PCA. The multi-robot architecture leverages three algorithms SVM, Random Forest, and KNN as autonomous learning agents that exchange information through a confidence-sharing mechanism to form shared situational awareness. Final decisions are made in the decision fusion layer using majority voting, weighted fusion, and hybrid fusion, increasing prediction stability and resilience against new malware variants, including zero day threats. Evaluation results indicate that the multi-robot model achieved 99.80% accuracy, 100% precision, and a 99.79% F1 score, with false negatives below 0.21%, indicating exceptionally high and consistent detection capability. The confusion matrix analysis further supports the finding that multi-robot integration reduces prediction variance and produces stable performance under various testing conditions. Overall, this research offers significant scientific and practical contributions to the development of early detection models for Android malware tailored to local threat contexts. The hybrid analysis based approach and multi-robot architecture successfully address the limitations of conventional methods by providing a more comprehensive, intelligent, and reliable detection system. With high performance, computational efficiency, and adaptability to emerging threats, this model has strong implementation potential across various sectors, including mobile security, digital banking systems, cybersecurity operations centers (SOCs), and national cyber defense infrastructure. This study not only advances scientific knowledge but also holds strategic relevance in strengthening cybersecurity resilience in an increasingly digital era.