Using deep graph learning to improve dynamic analysis-based malware detection in PE files

Cited by: 3
Authors
Nguyen, Minh Tu [1]
Nguyen, Viet Hung [1]
Shone, Nathan [2]
Affiliations
[1] LeQuyDon Tech Univ, Fac Informat Technol, 236 Hoang Quoc Viet, Hanoi, Vietnam
[2] Liverpool John Moores Univ, Sch Comp Sci & Math, Byrom St, Liverpool L3 3AF, England
Keywords
Malware detection; Dynamic analysis; Deep learning; Graph representation;
DOI
10.1007/s11416-023-00505-x
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Detecting zero-day malware in Windows PE files using dynamic analysis techniques has proven to be far more effective than traditional signature-based methods. One specific approach that has emerged in recent years is the use of graphs to represent executable behavior, which can be subsequently used to learn patterns. However, many current graph representations omit key parameter information, meaning that the behavioral impact of variable changes cannot be reliably understood. To combat these shortcomings, we present a new method for malware detection by applying a graph attention network on multi-edge directional heterogeneous graphs constructed from API calls. The experiments show that the TPR and FPR scores demonstrated by our model achieve better performance than those from other related works.
Pages: 153 - 172
Page count: 20
Related papers
50 in total
  • [41] A survey on machine learning-based malware detection in executable files
    Singh, Jagsir
    Singh, Jaswinder
    JOURNAL OF SYSTEMS ARCHITECTURE, 2021, 112
  • [42] Malware Detection Techniques Based on Deep Learning
    Sreekumari, Prasanthi
    2020 IEEE 6TH INT CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY) / 6TH IEEE INT CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING, (HPSC) / 5TH IEEE INT CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS), 2020, : 65 - 70
  • [43] Deep Learning based Malware Detection for Android Systems: A Comparative Analysis
    Bayazit, Esra Calik
    Sahingoz, Ozgur Koray
    Dogan, Buket
    TEHNICKI VJESNIK-TECHNICAL GAZETTE, 2023, 30 (03): : 787 - 796
  • [44] A PE header-based method for malware detection using clustering and deep embedding techniques
    Rezaei, Tina
    Manavi, Farnoush
    Hamzeh, Ali
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2021, 60
  • [45] A Malware Detection Approach Based on Deep Learning and Memory Forensics
    Zhang, Shuhui
    Hu, Changdong
    Wang, Lianhai
    Mihaljevic, Miodrag J.
    Xu, Shujiang
    Lan, Tian
    SYMMETRY-BASEL, 2023, 15 (03):
  • [46] XRan: Explainable deep learning-based ransomware detection using dynamic analysis
    Gulmez, Sibel
    Kakisim, Arzu Gorgulu
    Sogukpinar, Ibrahim
    COMPUTERS & SECURITY, 2024, 139
  • [47] Deep learning-aided runtime opcode-based Windows malware detection
    Parildi, Enes Sinan
    Hatzinakos, Dimitrios
    Lawryshyn, Yuri
    NEURAL COMPUTING & APPLICATIONS, 2021, 33 (18) : 11963 - 11983
  • [48] Detecting Cryptomining Malware: a Deep Learning Approach for Static and Dynamic Analysis
    Hamid Darabian
    Sajad Homayounoot
    Ali Dehghantanha
    Sattar Hashemi
    Hadis Karimipour
    Reza M. Parizi
    Kim-Kwang Raymond Choo
    Journal of Grid Computing, 2020, 18 : 293 - 303
  • [49] A Fuzzy Deep Learning Network for Dynamic Mobile Malware Detection
    Mercaldo, Francesco
    Martinelli, Fabio
    Santone, Antonella
    2023 IEEE INTERNATIONAL CONFERENCE ON FUZZY SYSTEMS, FUZZ, 2023,
  • [50] Enhanced capsule network-based executable files malware detection and classification-deep learning approach
    Shelar, Manoj D.
    Rao, S. Srinivasa
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2024, 36 (04)