Malware Classification
41 papers with code • 2 benchmarks • 5 datasets
Malware Classification is the process of assigning a malware sample to a specific malware family. Malware within a family shares similar properties that can be used to create signatures for detection and classification. Signatures can be categorized as static or dynamic based on how they are extracted. A static signature can be based on a byte-code sequence, binary assembly instruction, or an imported Dynamic Link Library (DLL). Dynamic signatures can be based on file system activities, terminal commands, network communications, or function and system call sequences.
Source: Behavioral Malware Classification using Convolutional Recurrent Neural Networks
Latest papers with no code
Evaluating the Efficacy of Prompt-Engineered Large Multimodal Models Versus Fine-Tuned Vision Transformers in Image-Based Security Applications
The success of Large Language Models (LLMs) has led to a parallel rise in the development of Large Multimodal Models (LMMs), such as Gemini-pro, which have begun to transform a variety of applications.
Holographic Global Convolutional Networks for Long-Range Prediction Tasks in Malware Detection
Malware detection is an interesting and valuable domain to work in because it has significant real-world impact and unique machine-learning challenges.
TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time (Extended Version)
Machine learning (ML) plays a pivotal role in detecting malicious software.
A Malware Classification Survey on Adversarial Attacks and Defences
This survey study offers an in-depth look at current research in adversarial attack and defensive strategies for malware classification in cybersecurity.
Enhancing Efficiency and Privacy in Memory-Based Malware Classification through Feature Selection
Results demonstrate that the feature selection strategy, incorporating mutual information and other methods, enhances classifier performance for all tasks.
Malware Classification using Deep Neural Networks: Performance Evaluation and Applications in Edge Devices
With the increasing extent of malware attacks in the present day along with the difficulty in detecting modern malware, it is necessary to evaluate the effectiveness and performance of Deep Neural Networks (DNNs) for malware classification.
Impact of Feature Encoding on Malware Classification Explainability
Using a malware classification dataset, we trained an XGBoost model and compared the performance of two feature encoding methods: Label Encoding (LE) and One Hot Encoding (OHE).
A Natural Language Processing Approach to Malware Classification
Many different machine learning and deep learning techniques have been successfully employed for malware detection and classification.
Steganographic Capacity of Deep Learning Models
We find that the steganographic capacity of the learning models tested is surprisingly high, and that in each case, there is a clear threshold after which model performance rapidly degrades.
Interpreting GNN-based IDS Detections Using Provenance Graph Structural Features
PROVEXPLAINER allowed simple DT models to achieve 95% fidelity to the GNN on program classification tasks with general graph structural features, and 99% fidelity on malware detection tasks with a task-specific feature package tailored for direct interpretation.