Student-led research deploys AI to spot stealthy Android malware
LAKELAND, Fla., June 6, 2025 /PRNewswire/ -- Researchers at Florida Polytechnic University have developed an artificial intelligence technique that can detect elusive malware known as remote access trojans (RATs) on Android devices. The breakthrough could help protect millions of users from cybercriminals who use RATs to steal personal information and control devices without detection.
Nesreen Dalhy B.S. '23, M.S. '25 worked with Dr. Karim Elish, associate professor of computer science at Florida Poly, to identify new, more effective ways to detect this malicious software as part of her master's thesis.
"RATs are a significant cybersecurity threat – they are particularly hard to detect, remain persistent and attempt to steal as much of your data as possible," said Dalhy, who has bachelor's and master's degrees in computer science from the University. "A lot of the existing research tries to identify general types of malware, but there isn't much that specifically tries to detect RATs."
Dalhy, from Davenport, Florida, said RATs have been a problem for years, evolving alongside technology. They continually find new ways to stay hidden in smartphones and steal users' personal information. Androids account for over 80% of the world's mobile devices.
"It can silently run in the background of your phone and spy on you without you realizing it," she said. "When you're using an app, you're just seeing whatever is on the screen and not everything that is going on, and that's what RATs take advantage of."
It's under this cyber cloak that the malware can take control of an Android device to make calls, send messages, record audio or video, or even encrypt the device's files and demand a ransom.
Dalhy and Elish trained a machine learning model to focus only on narrow samples of malware to identify and differentiate specific RAT patterns. By using different threat intelligence databases, they were able to analyze which malware exhibited RAT behavior and use RAT characteristics to highlight more of the smaller samples for detection.
Elish, an expert on Android security, said three models they developed detected almost all RATs with 99% accuracy.
The next steps for this work will be developing a mobile application based on its results and expanding the research model to detect a broader range of malware families to improve its utility and effectiveness.
"Nesreen did amazing work that will have a lot of impact on the community," Elish said. "I am very proud of her work and that we are able to publish this and present it at an important conference."
Dalhy and Elish presented the research at the industry-leading IEEE/ACIS International Conference on Software Engineering, Management and Applications in May.
View original content to download multimedia: https://www.prnewswire.com/news-releases/student-led-research-deploys-ai-to-spot-stealthy-android-malware-302475032.html
SOURCE Florida Polytechnic University