Z2F: Heterogeneous Graph-Based Android Malware Detection
Step1:using apktoo.jar and apktool.bat to install apktool to decompile Android packages; Step2:using decompile.py to batch decompile Android packages.
using check_empty.py,check_smali.py,delete_empty.py and filter_samples.py to check and delete all waste samples;
After decompilation, we get a folder for each Android application; Step1:using extract_api.py to extract api feature; Step12:using extract_interface.py to extract interface feature; ...
We use JSON format to store the extracted raw data,api data not uploaded due to storage capacity;
Refer to the paper 's original formula (1) ,formula (2);
The model is based on HAN
the samples's data after Z2F