https://github.com/yueyuel/xaiforandroidmalware

Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well?
https://github.com/yueyuel/xaiforandroidmalware

android-app explainable-ai malware-detection reliability

Last synced: 7 days ago
JSON representation

Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well?

• Host: GitHub
• URL: https://github.com/yueyuel/xaiforandroidmalware
• Owner: yueyueL
• Created: 2022-08-21T09:10:40.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2022-08-24T05:42:48.000Z (over 2 years ago)
• Last Synced: 2025-04-05T14:41:54.609Z (about 1 month ago)
• Topics: android-app, explainable-ai, malware-detection, reliability
• Homepage:
• Size: 20.8 MB
• Stars: 13
• Watchers: 2
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# XAI for Android Malware Detection

This repository contains the replication package and dataset of the paper published at ISSRE 2022 with the title [**Explainable AI for Android Malware Detection: Towards Understanding Why the Models Perform So Well?**](https://www.researchgate.net/publication/362885641_Explainable_AI_for_Android_Malware_Detection_Towards_Understanding_Why_the_Models_Perform_So_Well)

For more information, interested researchers can contact us by sending an email to [email protected]. The full dataset is available below.

## Reproduced package

In this work, we replicate three high-profile ML-based Android malware detection approaches. 

* Drebin: [pdf](https://prosec.mlsec.org/docs/2014-ndss.pdf), [reproduction code](https://github.com/MLDroid/drebin)

* XMal: [pdf](https://dl.acm.org/doi/10.1145/3423096), [reproduction code](https://github.com/wubozhi/Xmal)

* Fan et al.: [pdf](https://ieeexplore.ieee.org/abstract/document/9186721), [reproduction code for models](https://scikit-learn.org/stable/supervised_learning.html), [reproduction code for LIME](https://github.com/marcotcr/lime)

## Data

The data folder contains the metadata of Android apps from [AndroZoo](https://androzoo.uni.lu/). AndroZoo is a online collection of Android Applications collected from several sources, including the official Google Play app market. To how to download the dataset, please visit [AndroZoo API Documentation](https://androzoo.uni.lu/api_doc). 

The Android samples span across a 10-year period from 2011 to 2020. The dataset is divided into two parts: benign and malicious samples. We put the metadata (e.g., sha256, md5, market, package name, size) of the samples from different periods into different folders. 

For the ground-truth of temporal information of features (i.e., permission and API calls), the researchers can refer the recent Android Developer Documentation [link](https://developer.android.com/). We put the ground-truth of Android SDK 30 (i.e., data/api-versions.xml) into the data folder.