ririhedou / dr_droid Goto Github PK

Hi,
I get a little confused on the region based classification. Does a region means a third-party library or something else? If not, is this tool capable to identify third-party libraries (e.g., ads libraries)?
Thanks

I am a newbie in Android malware detection. I saw many ML-based tools are implemented based on Smali-IR. And I am also looking into the Soot for a more comprehensive analysis.

I have some questions on this tool.

1. How accurate is it to construct the call graph? (I saw Android app is event driven and contains many asynchronous callbacks)

2. Did you realize data-flow analysis in your tool?

I tested the tool with some pretty new apps but the accuracy is not as good as I expected.
I saw the dataset you use is rather old. Do you have some thoughts on detection of the stealthy malicious apps? The stealthy apps, i mean, may utilize some strategies to hide their malicious behaviors.

Hi,
I tested this tool and it is very helpful. I wonder could you add some new features (e.g., hardware features from Drebin) to make this tool more powerful?
https://www.tu-braunschweig.de/Medien-DB/sec/pubs/2014-ndss.pdf

Best,

Hi,

I have this problem on running the code:

/usr/local/lib/python2.7/dist-packages/numpy/core/fromnumeric.py:2699: VisibleDeprecationWarning: rank is deprecated; use the ndim attribute or function instead. To find the rank of a matrix see numpy.linalg.matrix_rank.
VisibleDeprecationWarning)
Namespace(apkinfo=True, feainfo=True, mlparameters=False, predict='apks/Geinimi--2e998614b17adbafeb55b5fb9820f63aec5ce8b4.apk', w=False)
Traceback (most recent call last):
File "main.py", line 59, in
runApkInfo(input_file)
File "/home/fuxinwei/temp/dr_droid/AppInfo.py", line 26, in runApkInfo
new_app = newStart(input_file)
File "/home/fuxinwei/temp/dr_droid/NewApp.py", line 102, in init
self.Tab_CallInOut()
File "/home/fuxinwei/temp/dr_droid/NewApp.py", line 144, in Tab_CallInOut
self._Callinout = YY_CallInOut(M,C,self.classlist)
File "/home/fuxinwei/temp/dr_droid/Callinout.py", line 22, in init
self.process_class_graph(classInvokelist, KE_classlist)
File "/home/fuxinwei/temp/dr_droid/Callinout.py", line 115, in process_class_graph
self.fcgnx_class_level = nx.DiGraph(nx.from_pydot(dgraph_class))
AttributeError: 'module' object has no attribute 'from_pydot'

could you help me to look into the problem?