Existing learning-based Android malware detection methods exhibit insufficient robustness against code obfuscation and adversarial attacks, while multimodal fusion approaches lack joint optimization of accuracy and interference resilience. To address these limitations, we propose DMLDroid—a deep multimodal fusion detection framework that jointly models three heterogeneous feature modalities: permissions/intents, DEX-derived image representations, and API call sequences. DMLDroid introduces a novel dynamic weighted fusion mechanism enabling end-to-end joint optimization. The framework systematically integrates representation learning, convolutional neural networks (CNNs), graph neural networks (GNNs), and sequential models to enhance multimodal discriminative capability. Evaluated on the CICMalDroid 2020 dataset, DMLDroid achieves 97.98% accuracy and 98.67% F1-score. Crucially, it maintains over 98% accuracy and F1-score under both obfuscation and adversarial perturbations, demonstrating significantly improved robustness for real-world deployment.

In recent years, learning-based Android malware detection has seen significant advancements, with detectors generally falling into three categories: string-based, image-based, and graph-based approaches. While these methods have shown strong detection performance, they often struggle to sustain robustness in real-world settings, particularly when facing code obfuscation and adversarial examples (AEs). Deep multimodal learning has emerged as a promising solution, leveraging the strengths of multiple feature types to enhance robustness and generalization. However, a systematic investigation of multimodal fusion for both accuracy and resilience remains underexplored. In this study, we propose DMLDroid, an Android malware detection based on multimodal fusion that leverages three different representations of malware features, including permissions & intents (tabular-based), DEX file representations (image-based), and API calls (graph-derived sequence-based). We conduct exhaustive experiments independently on each feature, as well as in combination, using different fusion strategies. Experimental results on the CICMalDroid 2020 dataset demonstrate that our multimodal approach with the dynamic weighted fusion mechanism achieves high performance, reaching 97.98% accuracy and 98.67% F1-score on original malware detection. Notably, the proposed method maintains strong robustness, sustaining over 98% accuracy and 98% F1-score under both obfuscation and adversarial attack scenarios. Our findings highlight the benefits of multimodal fusion in improving both detection accuracy and robustness against evolving Android malware threats.