
This is an open-source repo about how to detect Android malware using a Random Forest classifier and explain it using LinearSVC. For why we use the simple Random Forest model, see:
Chinese Version: https://www.liansecurity.com/#/main/news/TfrG0IoBQKl-d7iA6Wuh/detail
English Version: https://www.liansecurity.com/#/main/news/TPqb0IoBQKl-d7iAEGuS/detail
The sample sources come from Abuse.ch's MalwareBazaar and VX-Underground. Thanks to our partners Abuse.ch and VX-Underground for their contributions, allowing us to have substantial support in the area of Android malware samples.
Train:
python permission_select.py train
Predict:
python3 permission_select.py predict android.permission.ACCESS_NETWORK_STATE android.permission.VIBRATE android.permission.INTERNET ...
This model achieves only 85% accuracy, even on our own test data. We are trying to add behavior-analysis data to training. If we achieve better accuracy, we will continue to open-source our work.
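
A minimal sketch of the approach this README describes, added here as an example and not taken from the repository's permission_select.py: a Random Forest classifies a binary permission vector, and a LinearSVC fitted on the same features supplies one signed weight per permission as the explanation. It assumes scikit-learn is installed; the samples, labels and helper names (perms, encode, train, predict, explain) are constructed for illustration.

```python
# Added illustration; not the repository's permission_select.py.
from sklearn.ensemble import RandomForestClassifier
from sklearn.svm import LinearSVC

PREFIX = "android.permission."

def perms(*names):
    """Expand short names into full android.permission.* strings."""
    return {PREFIX + n for n in names}

# Constructed toy samples (permission set, label): 1 = malware, 0 = benign.
SAMPLES = [
    (perms("INTERNET", "SEND_SMS", "READ_SMS", "VIBRATE"), 1),
    (perms("INTERNET", "SEND_SMS", "RECEIVE_SMS"), 1),
    (perms("INTERNET", "READ_SMS", "SYSTEM_ALERT_WINDOW", "VIBRATE"), 1),
    (perms("INTERNET", "RECEIVE_SMS", "SYSTEM_ALERT_WINDOW"), 1),
    (perms("INTERNET", "SEND_SMS", "SYSTEM_ALERT_WINDOW", "VIBRATE"), 1),
    (perms("INTERNET", "ACCESS_NETWORK_STATE", "VIBRATE"), 0),
    (perms("INTERNET", "CAMERA"), 0),
    (perms("INTERNET", "ACCESS_NETWORK_STATE", "CAMERA", "VIBRATE"), 0),
    (perms("INTERNET", "VIBRATE"), 0),
    (perms("INTERNET", "ACCESS_NETWORK_STATE"), 0),
]
VOCAB = sorted(set().union(*(p for p, _ in SAMPLES)))  # fixed column order

def encode(permissions):
    """One binary column per known permission; unseen permissions are dropped."""
    requested = set(permissions)
    return [1 if p in requested else 0 for p in VOCAB]

def train():
    X = [encode(p) for p, _ in SAMPLES]
    y = [label for _, label in SAMPLES]
    forest = RandomForestClassifier(n_estimators=100, random_state=0).fit(X, y)
    # Linear model on the same features: one signed weight per permission.
    svc = LinearSVC(dual=False).fit(X, y)
    return forest, svc

def predict(forest, permissions):
    """Return 1 (malware) or 0 (benign) for a list of permission strings."""
    return int(forest.predict([encode(permissions)])[0])

def explain(svc, top=3):
    """Permissions with the largest positive (malware-leaning) weights."""
    ranked = sorted(zip(VOCAB, svc.coef_[0]), key=lambda w: w[1], reverse=True)
    return [(name, round(float(w), 3)) for name, w in ranked[:top]]

if __name__ == "__main__":
    forest, svc = train()
    query = perms("INTERNET", "SEND_SMS", "READ_SMS") | {"com.example.UNSEEN"}
    print("malware" if predict(forest, query) else "benign", explain(svc))
```

The weights come from the linear model, not from the forest itself, so they describe which permissions separate the two classes overall rather than why the forest made one particular prediction.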