metadata
license: apache-2.0
tags:
- android
- malware-detection
- cybersecurity
- static-analysis
- mobile-security
- mobsf
- classification
- security
pipeline_tag: text-classification
metrics:
- f1
- precision
- recall
- accuracy
base_model:
- microsoft/codebert-base
Android Malware Detector (MobSF Companion)
Model description
This AI model classifies Android APKs as benign or malicious using features extracted during analysis with MobSF.
Its goal is to complement MobSF reports with a reproducible ML score/decision to support triage prioritization and CI/CD automation.
Intended use
Primary intended uses
- Enrich the MobSF pipeline: consume analysis features (permissions) and produce a risk score.
- Research/academia: benchmarking Android malware detection models.
Out-of-scope uses
- It is not a real-time on-device antivirus.
- It does not replace manual analysis, reversing, or signature verification.
- It should not be used as the sole criterion for punitive actions (e.g., bans) without review.
How to use (with MobSF)
MobSF can be automated via its REST API to upload, scan, and retrieve reports, which makes it possible to integrate this model as a post-scan step.
Minimal pipeline (conceptual)
- Run analysis in MobSF (API).
- Retrieve
report.json(or another artifact). - Extract/transform features into the format expected by the model.
- Run inference with the model and attach the result back into the workflow (CI/CD, dashboard, etc.).