Uses deep learning to detect benign and malicious APKs: system calls are traced on an Android device and fed to different deep learning models.
This Java library helps extract the Manifest file from an APK.
java -jar APKParser.jar
Prints out the
Tools and Scripts
bitstring.py: A Python (Python2) script that prints the bitstring of selected system calls.
dataset.py: A Python library to read and handle the dataset files.
emulate.sh: A BASH script to reset and start the Android Emulator.
extractxml.py: A Python script to extract the necessary activities and services from the manifest file.
features_preprocess1.py: A Python script to perform pre-processing to obtain the features.
freq-vectors.py: A Python script to generate a frequency vector.
ga.py: A Python library implementing Genetic Algorithm.
graphing.py: A Python Graphing Library.
nb.py: A Python library implementing Naive Bayes Classifier.
plotROC.py: A Python library to plot the ROC curve.
preprocess.sh: A BASH script to preprocess the raw files.
project.sh: A BASH script which takes APKs and runs them on the emulator and collects the necessary logs.
rankfeatures.py: A Python library used to rank the features.
select2.py: A Python library used to select the features.
syscalls.py: A Python library containing the selected system calls.
vectorize.py: A Python library to vectorize
- Download Android SDK from the official website.
- Set the SDK variables in the script to the SDK folders.
- Create an Android Virtual Device and use the same name in the scripts.
The scripts use BASH and Python2.