@article{4735,
  author = {Simon James Fong},
  title = {Performance-Based Clustering of Android Devices Through Cryptographic Benchmark Profiling: An Unsupervised Learning Approach to Security-Aware Device Characterization},
  journal = {Journal of Information Security Research},
  year = {2026},
  volume = {17},
  number = {2},
  doi = {https://doi.org/10.6025/jisr/2026/17/2/91-105},
  url = {https://www.dline.info/jisr/fulltext/v17n2/jisrv17n3_1.pdf},
  abstract = {The proliferation of Android devices across diverse hardware architectures and software configurations
introduces significant variability in cryptographic execution performance, directly impacting security
readiness and protocol optimization. Despite extensive research on cloud security and malware detection,
device-level computational heterogeneity remains underexplored. This study presents an unsupervised
learning framework to characterize Android devices based on their intrinsic cryptographic benchmark
profiles. Analyzing a curated dataset of 17 devices across 140 cryptographic timing features, we apply log
transformation, standardization, and Principal Component Analysis (PCA), which captures 77.4% of variance
in two dimensions. Three clustering algorithms K-means, hierarchical clustering, and DBSCAN are
systematically evaluated. Results reveal a natural three-tier performance stratification, with K-means
providing the most interpretable partition (Silhouette score: 0.325). Feature importance analysis
demonstrates that public-key operations, particularly ECDSA and large-key RSA benchmarks, are the primary
performance differentiators due to their computational intensity and sensitivity to hardware acceleration.
Hierarchical analysis confirms this macro-structure and highlights gradual performance transitions among
boundary devices, while DBSCAN effectively identifies tight local similarities. These findings establish a
methodological foundation for performance-aware security assessment, enabling dynamic cryptographic
parameter selection, optimized resource allocation, and targeted threat modeling. Furthermore, the
framework is extended with proposed anomaly detection techniques for fine grained security monitoring.
Ultimately, this research underscores the critical need for hardware aware intelligence in mobile
cybersecurity, bridging device-level performance profiling with adaptive security analytics across
heterogeneous Android ecosystems.},
}