Few-Shot Android Malware Classification with QuantumEnhanced Prototypical Learning and Drift Detection

Android malware detection systems face critical challenges including data scarcity for emerging threat families, highdimensional feature spaces, and concept drift caused by evolving attack techniques. Traditional machine learningapproaches require extensive labeled datasets and frequent retraining, limiting their practical deployment againstrapidly emerging threats. This paper proposes an adaptive few-shot malware classification framework that integratesCatBoost-based feature selection, prototypical networks with episodic meta-learning, quantum-enhanced classification,concept drift detection, and explainable AI (XAI) analysis using SHAP and LIME. The CatBoost feature selection reducesdimensionality by 99.46% on CCCS-CIC-AndMal-2020 (9,503 to 51 features) and 94.07% on KronoDroid (489 to 29features) while preserving discriminative information. The prototypical network learns metric-based representationsenabling classification with only 5 support samples per class. Extensive experiments demonstrate state-of-the-artperformance with 99.70% accuracy on CCCS-CIC-AndMal-2020 (15 malware families) and 99.33% accuracy onKronoDroid (binary classification), outperforming existing methods by 0.70–9.70%. The framework exhibits robusttemporal stability with maximum accuracy degradation of 0.24% across evaluation periods. XAI analysis reveals thatfile descriptor manipulation and file system operations are the most discriminative features for malware detection.These results establish few-shot prototypical learning with intelligent feature selection as an effective paradigm forpractical malware detection requiring minimal annotation, interpretable decisions, and stable long-term performance