
stodi1/malwaresdetection

malwaresdetection

This project is a behavioral malware detector for Android applications.

Introduction

The goal of this project is to classify Android applications as Malware or Goodware using a Convolutional Neural Network (CNN) model. The project is a two-step process: first, a learning phase is executed to learn from a dataset of Goodware and Malware.

Learning phase

In this step, we provide three scripts: one for analysing applications, one for formatting the results, and one for the learning process.

Analysing

In the first step, we use a Bash script that interacts with an Android emulator (Genymotion) to install and execute the application and to simulate pseudo-random events in it, while simultaneously listening for the system calls it generates. These system calls (SCs) are saved in a separate file and pulled from the machine.

Formatting results

After the analysing process, we format the resulting system calls from all the applications as a matrix that captures the distance between them (see the research paper below for more information). This format is similar to the pixel format of a picture; hence, we used the CNN algorithm used for classifying images.
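The following sketch is an added example, not code from this repository: it shows one way a system call trace can be turned into an image-like matrix. The strace-style line format, the `VOCAB` list, the window size and the `1/d` weighting are all assumptions made for illustration; the project's actual distance definition is given in the research paper.

```python
import re

# Assumed vocabulary: a real run would enumerate every syscall seen in the dataset.
VOCAB = ["openat", "read", "write", "ioctl", "close", "sendto"]
INDEX = {name: i for i, name in enumerate(VOCAB)}
# Assumed strace-style line: optional PID, then "name(" at the start of the line.
SYSCALL_RE = re.compile(r"^\s*(?:\d+\s+)?([a-z_][a-z0-9_]*)\(")

# Constructed sample trace, not output captured from the project.
SAMPLE_TRACE = """\
1523 openat(AT_FDCWD, "/data/app/base.apk", O_RDONLY) = 34
1523 read(34, "PK"..., 4096) = 4096
1530 <... futex resumed>) = 0
1523 read(34, "", 4096) = 0
--- SIGCHLD {si_signo=SIGCHLD} ---
1523 close(34) = 0
"""

def parse_trace(text):
    """Ordered syscall names; signal and '<... resumed>' lines never match."""
    seq = []
    for line in text.splitlines():
        m = SYSCALL_RE.match(line)
        if m and m.group(1) in INDEX:  # calls outside VOCAB are dropped
            seq.append(m.group(1))
    return seq

def distance_matrix(seq, window=2):
    """Cell [a][b] sums 1/d for each time b follows a at distance d <= window."""
    n = len(VOCAB)
    matrix = [[0.0] * n for _ in range(n)]
    for pos, a in enumerate(seq):
        for d in range(1, window + 1):
            if pos + d >= len(seq):
                break
            matrix[INDEX[a]][INDEX[seq[pos + d]]] += 1.0 / d
    return matrix

def to_pixels(matrix):
    """Scale to 0..255 so the matrix can be fed to a CNN like a grayscale image."""
    peak = max(max(row) for row in matrix)
    if peak == 0:
        return [[0] * len(row) for row in matrix]
    return [[round(255 * v / peak) for v in row] for row in matrix]

if __name__ == "__main__":
    for row in to_pixels(distance_matrix(parse_trace(SAMPLE_TRACE))):
        print(row)
```

Every application yields a matrix of the same shape regardless of trace length, which is what lets an image classifier consume traces of different sizes.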

Learning

We used a CNN algorithm to extract the features from our data and obtain a well-trained model. I have an already trained model that I can provide on request. Our model has an accuracy of 93%.

Detection

Once our model is trained, we can use it to classify new samples and get instant results.

More information

A research paper has been published on our work; you can find it at this link: https://ieeexplore.ieee.org/abstract/document/8902627
