Skip to content

Trustworthy-Software/TIML

Repository files navigation

TIML: Temporal-Incremental Malware Learning

Welcome to the TIML project. This repository contains the codebase and necessary information to replicate the experiments in our paper on Temporal-Incremental Malware Learning.

Environment Setup

  1. Install Required Packages: Use the provided environment.yaml file to create a new Conda environment and install the required packages.

    conda env create --file environment.yaml
  2. Activate the TIML Environment: Switch to the newly created environment using the following command:

    conda activate TIML

Dataset Preparation

  1. Download MalNet Data: Obtain MalNet images and labels from the MalNet Website.

  2. Download APKs Using Malware Hash: Utilize the malware hash corresponding to each image in the MalNet dataset to download the original APK from AndroZoo.

  3. Generate MalScan Features: Use the MalScan Tool to process the APKs and extract MalScan features.

Data Preprocessing

  1. Generate Dataset Statistics: Execute the chronological_statistics.py script to compute essential statistics of the dataset.

    python chronological_statistics.py
  2. Restructure the Dataset: Run the data_preprocess script to organize the dataset according to the TIML paradigm.

    python data_preprocess.py

Training and Evaluation

  1. Set Experiment Configuration: Modify the configuration files within the exp_settings folder to suit each approach you intend to test.

  2. Train and Evaluate the Model: Execute experiments based on the selected configurations. Examples are provided below:

    • For MalNet image:
      python main.py --exp_setting exp_settings/full_malnet_data/upper_bound.yaml
    • For MalScan features:
      python main_malscan.py --exp_setting exp_settings/full_malscan_data/lwf_w_exemplar_malscan.yaml

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages