Using deep graph learning to improve dynamic analysis-based malware detection in PE files

Cited by: 3
Authors
Nguyen, Minh Tu [1]
Nguyen, Viet Hung [1]
Shone, Nathan [2]
Affiliations
[1] LeQuyDon Tech Univ, Fac Informat Technol, 236 Hoang Quoc Viet, Hanoi, Vietnam
[2] Liverpool John Moores Univ, Sch Comp Sci & Math, Byrom St, Liverpool L3 3AF, England
Keywords
Malware detection; Dynamic analysis; Deep learning; Graph representation;
DOI
10.1007/s11416-023-00505-x
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Detecting zero-day malware in Windows PE files using dynamic analysis techniques has proven to be far more effective than traditional signature-based methods. One specific approach that has emerged in recent years is the use of graphs to represent executable behavior, which can be subsequently used to learn patterns. However, many current graph representations omit key parameter information, meaning that the behavioral impact of variable changes cannot be reliably understood. To combat these shortcomings, we present a new method for malware detection by applying a graph attention network on multi-edge directional heterogeneous graphs constructed from API calls. The experiments show that the TPR and FPR scores demonstrated by our model achieve better performance than those from other related works.
Pages: 153-172
Page count: 20
Related papers
50 in total
  • [1] Using deep graph learning to improve dynamic analysis-based malware detection in PE files
    Minh Tu Nguyen
    Viet Hung Nguyen
    Nathan Shone
    Journal of Computer Virology and Hacking Techniques, 2024, 20 : 153 - 172
  • [2] Deep Learning-Based Malware Detection Using PE Headers
    Nakrosis, Arnas
    Lagzdinyte-Budnike, Ingrida
    Paulauskaite-Taraseviene, Agne
    Paulikas, Giedrius
    Dapkus, Paulius
    INFORMATION AND SOFTWARE TECHNOLOGIES, ICIST 2022, 2022, 1665 : 3 - 18
  • [3] Network Malware Detection Using Deep Learning Network Analysis
    Xiao P.
    Journal of Cyber Security and Mobility, 2024, 13 (01): : 27 - 52
  • [4] Leveraging deep learning and image conversion of executable files for effective malware detection: A static malware analysis approach
    Guven, Mesut
    AIMS MATHEMATICS, 2024, 9 (06): : 15223 - 15245
  • [5] Windows PE Malware Detection Using Ensemble Learning
    Azeez, Nureni Ayofe
    Odufuwa, Oluwanifise Ebunoluwa
    Misra, Sanjay
    Oluranti, Jonathan
    Damasevicius, Robertas
    INFORMATICS-BASEL, 2021, 8 (01):
  • [6] DLGraph: Malware Detection Using Deep Learning and Graph Embedding
    Jiang, Haodi
    Turki, Turki
    Wang, Jason T. L.
    2018 17TH IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLICATIONS (ICMLA), 2018, : 1029 - 1033
  • [7] Malware Detection using Malware Image and Deep Learning
    Choi, Sunoh
    Jang, Sungwook
    Kim, Youngsoo
    Kim, Jonghyun
    2017 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC), 2017, : 1193 - 1195
  • [8] A Dynamic Malware Detection Mechanism Based on Deep Learning
    Yin, Wei
    Zhou, Hongjian
    Wang, Mingyang
    Jin, Zhiwen
    Xu, Jun
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2018, 18 (07): : 96 - 102
  • [9] Using Deep-Learning-based Memory Analysis for Malware Detection in Cloud
    Li, Huhua
    Zhan, Dongyang
    Liu, Tianrui
    Ye, Lin
    2019 IEEE 16TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SENSOR SYSTEMS WORKSHOPS (MASSW 2019), 2019, : 1 - 6
  • [10] Dynamic malware detection based on supervised contrastive learning
    Yang, Shumian
    Yang, Yongqi
    Zhao, Dawei
    Xu, Lijuan
    Li, Xin
    Yu, Fuqiang
    Hu, Jiarui
    COMPUTERS & ELECTRICAL ENGINEERING, 2025, 123