Author: https://github.com/halepino
A gradient boosting classifier was trained on extracted Android application features to detect the presence of malware. The dataset, which was sourced from kaggle.com (see link below), included over 4000 Android applications, with each extracted feature binary coded as present or absent. The model achieved an accuracy of 96%, with a false negative rate of 2%. The SHAP library was used to interpret the final model and gain insight into how the presence or absence of certain features influenced the classification outcome. This was done through SHAP visualizations, which are included in the final report and presentation. The objective of this project was to detect malware through modeling and to show that model interpretation could be used to inform the application review process, as well as internal software used to detect risk and warn users.
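Added example (not code from Detecting_Malware.ipynb): gradient boosting over binary-coded features, with per-feature SHAP attributions and a false negative rate computed on the result. It assumes depth-1 trees, which make the model additive so that each SHAP value has an exact closed form; the feature names, data and function names are constructed for illustration.

```python
import math, random

# Constructed feature names (assumption); the project's dataset has 300+ real columns.
FEATURES = ["SEND_SMS", "READ_PHONE_STATE", "INTERNET", "CAMERA"]

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def make_data(n=400, seed=7):
    """Constructed binary rows; label 1 = malware, driven by the first two features."""
    rng = random.Random(seed)
    X = [[int(rng.random() < 0.5) for _ in FEATURES] for _ in range(n)]
    y = [int(rng.random() < sigmoid(6 * r[0] + 2 * r[1] - 4)) for r in X]
    return X, y

def raw(f0, g, row):
    """Log-odds of malware for one app: intercept plus one table lookup per feature."""
    return f0 + sum(g[j][v] for j, v in enumerate(row))

def fit(X, y, rounds=60, lr=0.3):
    """Logistic-loss gradient boosting with depth-1 stumps (a simplification)."""
    p = sum(y) / len(y)
    f0, g = math.log(p / (1 - p)), [[0.0, 0.0] for _ in FEATURES]
    for _ in range(rounds):
        probs = [sigmoid(raw(f0, g, r)) for r in X]
        best = None
        for j in range(len(FEATURES)):
            leaves, gain = [0.0, 0.0], 0.0
            for v in (0, 1):  # one leaf per feature value: absent / present
                idx = [i for i, r in enumerate(X) if r[j] == v]
                grad = sum(y[i] - probs[i] for i in idx)
                hess = sum(probs[i] * (1 - probs[i]) for i in idx) + 1e-9
                leaves[v], gain = grad / hess, gain + grad * grad / hess
            if best is None or gain > best[0]:
                best = (gain, j, leaves)
        _, j, leaves = best
        g[j] = [g[j][v] + lr * leaves[v] for v in (0, 1)]  # Newton step, shrunk by lr
    return f0, g

def shap_values(f0, g, X, row):
    """Exact SHAP for an additive model: phi_j = g_j(x_j) - mean of g_j over the data."""
    mean = [sum(g[j][r[j]] for r in X) / len(X) for j in range(len(FEATURES))]
    phi = [g[j][row[j]] - mean[j] for j in range(len(FEATURES))]
    return f0 + sum(mean), phi  # (base value, per-feature contributions in log-odds)

def false_negative_rate(f0, g, X, y):
    """Share of actual malware rows that the model scores as benign (log-odds <= 0)."""
    pos = [r for r, label in zip(X, y) if label == 1]
    return sum(raw(f0, g, r) <= 0 for r in pos) / len(pos)
```

The base value plus the contributions equals the model's log-odds for that app, so a positive contribution means the feature's value pushed the prediction toward malware and a negative one pushed it toward benign.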
Code Files
- Detecting_Malware.ipynb
Final Reports
- Malware_Detection_Project_Report.pdf
- Malware_Detection_Presentation.ppt
The data for this project was sourced from kaggle.com. The 300+ variables of the dataset each belong to one of many types of application features. These categories and their descriptions are outlined in the table below.