AgentDroid: A Multi-Agent Framework for Detecting Fraudulent Android Applications
Ruwei Pan, Hongyu Zhang, Zhonghao Jiang, Ran Hou
TL;DR
AgentDroid presents a multimodal, multi-agent framework for detecting fraudulent Android apps by combining static APK analysis with diverse data modalities. Powered by GPT-4o, eight specialized agents coordinate via a Task Master across three phases—task allocation, multimodal analysis, and decision making—to deliver a final fraud assessment. The approach outperforms traditional static-methods and single-agent LLM baselines, demonstrating the benefits of modular collaboration and heterogeneous feature integration. The work contributes an open-source toolkit and a fraud dataset, with implications for scalable, interpretable Android security analytics in real-world settings.
Abstract
With the increasing prevalence of fraudulent Android applications such as fake and malicious applications, it is crucial to detect them with high accuracy and adaptability. We present AgentDroid, a novel tool for Android fraudulent application detection based on multi-modal analysis and multi-agent systems. AgentDroid overcomes the limitations of traditional detection methods such as the inability to handle multimodal data and high false alarm rates. It processes Android applications and extracts a series of multi-modal data for analysis. Multiple LLM-based agents with specialized roles analyze the relevant data and collaborate to detect complex fraud effectively. We curated a dataset containing various categories of fraudulent applications and legitimate applications and validated our tool on this dataset. Experimental results indicate that our multi-agent tool based on GPT-4o achieves an accuracy of 91.7% and an F1-Score of 91.68%, outperforming the baseline methods. A video of AgentDroid is available at https://youtu.be/YOM9Ex-nBts.