Explainable android malware detection and malicious code localization using graph attention

This research paper presents XAIDroid, a framework that uses graph neural networks (GNNs, machine learning models that analyze relationships between connected pieces of data) and graph attention mechanisms to automatically identify and locate malicious code within Android apps. The system represents app code as API call graphs (visual maps of how different functions communicate) and assigns importance scores to pinpoint which specific code sections are malicious, achieving high accuracy rates of 97.27% recall at the class level.