Installation

You can either run the tool using our resources or set it up yourself.

Docker image and MyBinder.org notebooks

If you don’t want to analyze a large dataset yourself, you can use our pre-processed dataset from this Jupyter notebook. If you insist on going through the decompilation, you can use our Docker image with

docker pull adamjanovsky/cryptomlw:latest \
&& docker run -it adamjanovsky/cryptomlw

Inside the image, you can run our toy experiment with

cd AndroidMalwareCrypto \
&& ./cli_process.py sample_experiment/configs/dataset_processing/config_processing.yml

and then see the output in /home/user/AndroidMalwareCrypto/sample_experiment/dataset/.

For exporting outputs outside of the container, we recommend Docker volumes.

Dependencies

The rest of this document describes how to make our tool work on your local machine (unix). You’re going to need Python 3.8. Start with the following

python3 -m venv venv \
&& source venv/bin/activate \
&& pip3 install -r requirements.txt

and continue with resolving the dependencies below. You can also use the Dockerfile that illustrates which commands were needed to run our tool on vanilla Ubuntu (without Neptune and Androzoo integration, however).

Neptune integration

The project can be fully integrated with Neptune.ai. This allows the user to track all experiments performed with the project. Most notably, it is possible to monitor the progress of a long-running experiment.

Neptune.ai monitoring tool

If you wish to integrate Neptune.ai with this tool, you simply have to register at Neptune.ai and specify the following options in the configuration file:

is_being_logged: True # If you want to log in Neptune.ai or not.
neptune_project_name: 'Team/YourProjectName' # Name of project in the Neptune.ai
experiment_name: 'MyLittleExperiment' # Name of experiment for the Neptune.ai

If you do not want to integrate with Neptune.ai, simply put is_being_logged: False in the experiment config and you should be good to go.

Androguard and Jadx integration

We decided to use the Jadx decompiler instead of Androguard’s default DAD, because in our experience Jadx produces cleaner source code (don’t forget to use the patched version of androguard mentioned in requirements.txt). Naturally, you need to have Jadx installed and available on your path. To point androidcrypto to your jadx decompiler, specify the following option in the configuration file:

jadx_path: '/path/to/jadx/build/jadx/bin/jadx' # Path to the jadx binary in your system, keep it 'jadx' if jadx is in your system path

Literadar integration

Detection of third-party library usage relies on a fork of the LiteRadar script under the hood. That script is executed as a python2 process, so you need to have a working python2 (2.7) on your computer as well.
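
A pre-flight check for the requirements listed in the sections above (Python 3.8, a resolvable jadx_path, python2 for LiteRadar, Neptune options), as an added example that is not part of the project's own code. It assumes the options are top-level keys of one flat YAML file and that jadx_path defaults to 'jadx' when absent; the function names and the sample config are constructed for illustration.

```python
import re
import shutil
import sys

# Constructed sample config using only the option names shown on this page.
SAMPLE_CONFIG = """\
is_being_logged: True # If you want to log in Neptune.ai or not.
neptune_project_name: 'Team/YourProjectName'
experiment_name: 'MyLittleExperiment'
jadx_path: 'jadx' # keep it 'jadx' if jadx is in your system path
"""


def parse_flat_yaml(text):
    """Parse top-level 'key: value # comment' lines (no nesting, no PyYAML)."""
    options = {}
    for line in text.splitlines():
        match = re.match(r"^(\w+):\s*(.*?)\s*(?:#.*)?$", line)
        if match:
            options[match.group(1)] = match.group(2).strip("'\"")
    return options


def preflight(options, which=shutil.which, version=sys.version_info):
    """Return a list of problems; an empty list means nothing is missing."""
    problems = []
    if tuple(version[:2]) != (3, 8):
        problems.append("Python 3.8 is required, found %d.%d" % tuple(version[:2]))
    # Assumption: fall back to 'jadx' on the system path when the key is absent.
    jadx = options.get("jadx_path", "jadx")
    if which(jadx) is None:  # also None when the file exists but is not executable
        problems.append("jadx not found or not executable: %s" % jadx)
    if which("python2") is None:
        problems.append("python2 (2.7) is needed by the LiteRadar fork")
    logged = options.get("is_being_logged", "False").lower() == "true"
    if logged and not options.get("neptune_project_name"):
        problems.append("is_being_logged is True but neptune_project_name is missing")
    return problems


if __name__ == "__main__":
    for problem in preflight(parse_flat_yaml(SAMPLE_CONFIG)):
        print("FAIL:", problem)
```

The `which` and `version` parameters exist only so the check can be exercised without the real tools installed; called with defaults, it inspects the current interpreter and path.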