Sequence Feature Extraction for Malware Family Analysis via Graph Neural Network

Shuen Wen Hsiao and Pillhwan Chu
Malicious software (malware) causes much harm to our devices and life. We are eager to understand the malware behavior and the threat it made. Most of the record files of malware are variable length and text-based files with time stamps, such as event log data and dynamic analysis profiles. Using the time stamps, we can sort such data into sequence-based data for the following analysis. However, dealing with the text-based sequences with variable lengths is difficult. In addition, unlike natural…



NN-Based Feature Selection for Text-Based Sequential Data

The proposed novel neural network structure, named filterNN, is a framework that can adapt different NN classifiers (e.g., SLFN, CNN, and RNN) and can remove useless features from the sequential data while still keeping high classification accuracy.

Malware detection using assembly and API call sequences

This paper presents detection algorithms that can help the anti-virus community to ensure a variant of a known malware can still be detected without the need of creating a signature; a similarity analysis is performed to produce a matrix of similarity scores that can be utilized to determine the likelihood that a piece of code under inspection contains a particular malware.

Zero-day Malware Detection based on Supervised Learning Algorithms of API call Signatures

This paper proposes and evaluates a novel method of employing several data mining techniques to detect and classify zero-day malware with high levels of accuracy and efficiency based on the frequency of Windows API calls and offers future directions for researchers in exploring different aspects of obfuscations that are affecting the IT world today.

A Systematic Literature Review of Android Malware Detection Using Static Analysis

A systematic literature review of the latest work in Android malware detection using static analysis, concluding with a preliminary result that neural network models outperform non-neural network models in Android malware detection.

MARD: A Framework for Metamorphic Malware Analysis and Real-Time Detection

A survey on automated dynamic malware-analysis techniques and tools

An overview of dynamic-analysis techniques used to analyze potentially malicious samples, and of the analysis programs that employ these techniques to assist human analysts in assessing whether a given sample deserves closer manual inspection due to its unknown malicious behavior.

A Comprehensive Survey on Graph Neural Networks

This article provides a comprehensive overview of graph neural networks (GNNs) in data mining and machine learning fields and proposes a new taxonomy to divide the state-of-the-art GNNs into four categories, namely, recurrent GNNs, convolutional GNNs, graph autoencoders, and spatial–temporal GNNs.

An End-to-End Deep Learning Architecture for Graph Classification

This paper designs a localized graph convolution model and shows its connection with two graph kernels, and designs a novel SortPooling layer which sorts graph vertices in a consistent order so that traditional neural networks can be trained on the graphs.

Microsoft Malware Classification Challenge

A high-level comparison of the publications citing the Microsoft Malware Classification Challenge dataset simplifies finding potential research directions in this field and future performance evaluation of the dataset.