---
license: apache-2.0
tags:
- android
- malware-detection
- cybersecurity
- static-analysis
- mobile-security
- mobsf
- classification
- security
pipeline_tag: text-classification
metrics:
- f1
- precision
- recall
- accuracy
base_model:
- microsoft/codebert-base
---

# Android Malware Detector (MobSF Companion)

## Model description
This AI model classifies Android APKs as **benign** or **malicious** using features extracted during analysis with MobSF.  
Its goal is to complement MobSF reports with a reproducible ML score/decision to support triage prioritization and CI/CD automation.

## Intended use

### Primary intended uses
- Enrich the MobSF pipeline: consume analysis features (permissions) and produce a risk score.
- Research/academia: benchmarking Android malware detection models.

### Out-of-scope uses
- It is not a real-time on-device antivirus.
- It does not replace manual analysis, reversing, or signature verification.
- It should not be used as the sole criterion for punitive actions (e.g., bans) without review.

## How to use (with MobSF)
MobSF can be automated via its REST API to upload, scan, and retrieve reports, which makes it possible to integrate this model as a post-scan step.

### Minimal pipeline (conceptual)
1. Run analysis in MobSF (API).
2. Retrieve `report.json` (or another artifact).
3. Extract/transform features into the format expected by the model.
4. Run inference with the model and attach the result back into the workflow (CI/CD, dashboard, etc.).

### USAGE API MOBSF

https://github.com/H4ch1rou/NyerAndroidMalwarePOC