Malware detection based on directed multi-edge dataflow graph representation and convolutional neural network

Hung, Nguyen Viet; Dung, Pham Ngoc; Ngoc, Tran Nguyen; Phai, Vu Dinh; Shi, Qi

doi:10.1109/kse.2019.8919284

Cited by 9 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These interactions can be captured using sandbox tools like cuckoo [84] for a deep analysis of the program's behaviors. Similarly as provenance graphs employed in host-based intrusion, these entities can be modeled as nodes in a graph, and the edges represent the operations between them [60,85].…”

Section: Common Graphmentioning

confidence: 99%

“…The dynamic nature of communications between system entities provide valuable information to detect malicious behaviors. In the paper [60], authors monitor such interactions using dynamic analysis. Directed multi-edge graphs are built from interactions between four system entities: processes, files, registry keys and network sockets.…”

Section: Entity Graph Approaches For Windows Malwarementioning

confidence: 99%

“…It is common to download PE malware and Android malware from these two websites. Some works rely on dynamic analysis to run the downloaded malware into a cuckoo sandbox [58][59][60], whereas others build static CFGs and FCGs [53,55].…”

Section: Windows Malware Datasetsmentioning

confidence: 99%

See 2 more Smart Citations

A Survey on Malware Detection with Graph Representation Learning

Bilot¹,

Madhoun²,

Agha³

et al. 2023

Preprint

View full text Add to dashboard Cite

Malware detection has become a major concern due to the increasing number and complexity of malware. Traditional detection methods based on signatures and heuristics are used for malware detection, but unfortunately, they suffer from poor generalization to unknown attacks and can be easily circumvented using obfuscation techniques. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data and have become a solution preferred over traditional methods. More recently, the application of such techniques on graph-structured data has achieved state-of-the-art performance in various domains and demonstrates promising results in learning more robust representations from malware. Yet, no literature review focusing on graph-based deep learning for malware detection exists. In this survey, we provide an in-depth literature review to summarize and unify existing works under the common approaches and architectures. We notably demonstrate that Graph Neural Networks (GNNs) reach competitive results in learning robust embeddings from malware represented as expressive graph structures, leading to an efficient detection by downstream classifiers. This paper also reviews adversarial attacks that are utilized to fool graph-based detection methods. Challenges and future research directions are discussed at the end of the paper. CCS Concepts: • General and reference → Surveys and overviews; • Security and privacy → Malware and its mitigation; • Computing methodologies → Learning latent representations; Neural networks; Spectral methods.

show abstract

Section: Common Graphmentioning

confidence: 99%

Section: Entity Graph Approaches For Windows Malwarementioning

confidence: 99%