Close
Apply
Nesreen Dalhy B.S. ’23, M.S. ’25, and Dr. Karim Elish, associate professor of computer science at Florida Polytechnic University, have developed new ways to detect elusive Android malware known as remote access trojans (RATs). They presented the research at the IEEE/ACIS International Conference on Software Engineering, Management and Applications in May.

Student-led research deploys AI to spot stealthy Android malware

June 5, 2025

Researchers at Florida Polytechnic University have developed an artificial intelligence technique that can detect elusive malware known as remote access trojans (RATs) on Android devices. The breakthrough could help protect millions of users from cybercriminals who use RATs to steal personal information and control devices without detection.

Nesreen Dalhy B.S. ’23, M.S. ’25 worked with Dr. Karim Elish, associate professor of computer science at Florida Poly, to identify new, more effective ways to detect this malicious software as part of her master’s thesis.

“RATs are a significant cybersecurity threat – they are particularly hard to detect, remain persistent and attempt to steal as much of your data as possible,” said Dalhy, who has bachelor’s and master’s degrees in computer science from the University. “A lot of the existing research tries to identify general types of malware, but there isn’t much that specifically tries to detect RATs.”

Dalhy, from Davenport, Florida, said RATs have been a problem for years, evolving alongside technology. They continually find new ways to stay hidden in smartphones and steal users’ personal information. Androids account for over 80% of the world’s mobile devices.

“It can silently run in the background of your phone and spy on you without you realizing it,” she said. “When you’re using an app, you’re just seeing whatever is on the screen and not everything that is going on, and that’s what RATs take advantage of.”

It’s under this cyber cloak that the malware can take control of an Android device to make calls, send messages, record audio or video, or even encrypt the device’s files and demand a ransom.

Dalhy and Elish trained a machine learning model to focus only on narrow samples of malware to identify and differentiate specific RAT patterns. By using different threat intelligence databases, they were able to analyze which malware exhibited RAT behavior and use RAT characteristics to highlight more of the smaller samples for detection.

Elish, an expert on Android security, said three models they developed detected almost all RATS with 99% accuracy.

The next steps for this work will be developing a mobile application based on its results and expanding the research model to detect a broader range of malware families to improve its utility and effectiveness.

“Nesreen did amazing work that will have a lot of impact on the community,” Elish said. “I am very proud of her work and that we are able to publish this and present it at an important conference.”

Dalhy and Elish presented the research at the industry-leading IEEE/ACIS International Conference on Software Engineering, Management and Applications in May.

 

Contact:
Lydia Guzmán
Director of Communications
863-874-8557

Explore Academics
Programs
Resources
Support
Explore Admissions
Undergraduate
Graduate
Helpful Links
Explore Student Life
Campus
Opportunities
Services
Explore Research
Research
Curriculum
Explore Alumni
Get Connected
Explore Florida Poly
Learn More
Who We Are
Resources
Session Details

This session will demonstrate that practical risk management is for everyone, regardless of a formal program. Attendees will learn actionable and simple strategies that are easy to implement, enabling them to start immediately by focusing on their top risks to build greater operational resilience and ensure the sustained success of their auxiliary enterprises.

Presenter Profile

Michelle Powell serves as the pioneering Risk Manager at Florida Polytechnic University, the state’s sole 100% STEM-dedicated institution. Having been with the university for nearly 11 years, Michelle transitioned from a leadership role in Admissions in October 2023 to establish and evolve the risk management function from the ground up. In this solo capacity, Michelle builds robust frameworks for our dynamic, young university, overseeing our insurance portfolio, consulting on third-party and event risks, and developing critical campus-wide training programs. Michelle has obtained the Committee of Sponsoring Organizations (COSO) Enterprise Risk Management certificate and the Associate in Risk Management (ARM) and Construction Risk and Insurance Specialist (CRIS) designations. Her distinct background in mathematics and engineering, combined with extensive higher education leadership, brings an analytical and strategic approach enhancing the institution’s resilience.