Awesome Graph based Android Malware Detection Scientific Research 
- 2026 2025 | 2024 | 2023 | 2022 | 2021 | 2020 | Others
- My Other Awesome Lists
- Contributing
- Contributors
| Graph Type | Means (Full Form) | Models | Focus | Explanation |
|---|---|---|---|---|
| CFG | Control Flow Graph | Execution paths within a method | Control | Represents all possible execution paths of a method using basic blocks and branching edges. |
| ICFG | Interprocedural Control Flow Graph | Control flow across methods | Control | Connects CFGs across method calls and returns to model whole‑program execution flow. |
| FCG / CG | Function Call Graph | Method‑to‑method calls | Structure | Shows invocation relationships between functions, useful for structure and similarity analysis. |
| DFG | Data Flow Graph | Data propagation paths | Semantics | Captures how data values flow between instructions or variables throughout a program. |
| DDG | Data Dependency Graph | Definition‑use relationships | Semantics | Represents explicit data dependencies (use‑def chains) between program variables or instructions. |
| PDG | Program Dependence Graph | Control + data dependencies | Program logic | Combines control dependencies (from CFG) and data dependencies (from DFG/DDG). |
| SDG | System Dependence Graph | Whole‑program dependencies | Program semantics | Extends PDG across procedures and components for full program analysis. |
| ICCG | Inter‑Component Call Graph | Android component interactions | Android‑specific structure | Models communication among Android components via intents and callbacks. |
| Intent Graph | Intent Communication Graph | Intent‑based IPC | Android behavior | Focuses on intent sending and receiving paths between Android components. |
| Lifecycle Graph | Android Lifecycle Graph | Lifecycle transitions | Android behavior | Represents valid and invalid transitions between Android lifecycle callbacks. |
| API Call Graph | API Call Graph | Framework API usage | Behavior | Abstracts program behavior as calls to Android or system APIs. |
| Sensitive API Graph | Sensitive API Call Graph | Security‑critical API usage | Security behavior | Subgraph of API calls related to sensitive resources like SMS, location, or network. |
| Permission Usage Graph | Permission–API Graph | Permission relations | Security policy | Links permissions to the APIs that require them to detect misuse or over‑privilege. |
| Dynamic Call Graph | Runtime Call Graph | Runtime execution | Dynamic behavior | Captures function calls observed during execution, including reflection and dynamic loading. |
| System Call Graph | Linux System Call Graph | Kernel interactions | Low‑level behavior | Models interactions between the app (especially native code) and the Linux kernel. |
| APG | Attributed Program Graph | Labeled program graphs | ML‑ready representation | Enriches nodes and edges with attributes (opcodes, APIs, permissions) for GNN learning. |
| Heterogeneous Graph | Multi‑Type Program Graph | Mixed entities | Unified behavior | Contains different node and edge types (methods, APIs, permissions, components). |
| CPG | Code Property Graph | AST + CFG + PDG | Unified semantics | Integrates syntax, control flow, and data dependencies into one expressive graph. |
| JNI Interaction Graph | Java–Native Interaction Graph | Java ↔ native calls | Mixed‑language behavior | Models interactions between Java bytecode and native .so libraries. |
- Survey of Malware Analysis through Control Flow Graph using Machine Learning
- SFCGDroid: android malware detection based on sensitive function call graph
- CDGDroid: Android Malware Detection Based on Deep Learning Using CFG and DFG
- AMDroid: Android Malware Detection Using Function Call Graphs
You can access the my other awesome lists here
Contributions of any kind welcome, just follow the guidelines!