Malware Classification
41 papers with code • 2 benchmarks • 5 datasets
Malware Classification is the process of assigning a malware sample to a specific malware family. Malware within a family shares similar properties that can be used to create signatures for detection and classification. Signatures can be categorized as static or dynamic based on how they are extracted. A static signature can be based on a byte-code sequence, binary assembly instruction, or an imported Dynamic Link Library (DLL). Dynamic signatures can be based on file system activities, terminal commands, network communications, or function and system call sequences.
Source: Behavioral Malware Classification using Convolutional Recurrent Neural Networks
Most implemented papers
Integration of Static and Dynamic Analysis for Malware Family Classification with Composite Neural Network
In this paper, we combine static and dynamic analysis features with deep neural networks for Windows malware classification.
A Framework for Enhancing Deep Neural Networks Against Adversarial Malware
By conducting experiments with the Drebin Android malware dataset, we show that the framework can achieve a 98.49% accuracy (on average) against grey-box attacks, where the attacker knows some information about the defense and the defender knows some information about the attack, and an 89.14% accuracy (on average) against the more capable white-box attacks, where the attacker knows everything about the defense and the defender knows some information about the attack.
Why an Android App is Classified as Malware? Towards Malware Classification Interpretation
In this paper, to fill this gap, we propose a novel and interpretable ML-based approach (named XMal) to classify malware with high accuracy and explain the classification result meanwhile.
HYDRA: A multimodal deep learning framework for malware classification
While traditional machine learning methods for malware detection largely depend on hand-designed features, which are based on experts’ knowledge of the domain, end-to-end learning approaches take the raw executable as input, and try to learn a set of descriptive features from it.
Less is More: A privacy-respecting Android malware classifier using Federated Learning
In this paper we present LiM ("Less is More"), a malware classification framework that leverages Federated Learning to detect and classify malicious apps in a privacy-respecting manner.
DAEMON: Dataset-Agnostic Explainable Malware Classification Using Multi-Stage Feature Mining
Moreover, malware classification facilitates determining which of the newly discovered variants should undergo manual analysis by a security expert, in order to determine whether they belong to a new family (e.g., one whose members exploit a zero-day vulnerability) or are simply the result of a concept drift within a known malicious family.
Orthrus: A Bimodal Learning Architecture for Malware Classification
Malware detection and classification is a challenging problem and an active area of research.
Adversarial Robustness with Non-uniform Perturbations
Robustness of machine learning models is critical for security related applications, where real-world adversaries are uniquely focused on evading neural network based detectors.
Deep Learning for Android Malware Defenses: a Systematic Literature Review
In this paper, we conducted a systematic literature review to search and analyze how deep learning approaches have been applied in the context of malware defenses in the Android environment.
An Empirical Analysis of Image-Based Learning Techniques for Malware Classification
In this paper, we consider malware classification using deep learning techniques and image-based features.