Intelligent malware detection based on graph convolutional network

Li, Shanxi; Zhou, Qing; Zhou, Rui; Lv, Qingquan

doi:10.1007/s11227-021-04020-y

Cited by 48 publications

(16 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Figure 1: The relationship between the K l and the model F1Figure2shows that as the proportion of node confusion increases, our method performs better, and the decline is more stable than Peng's and Li's methods[5][6]. It shows our denoising graph neural network can remove the influence of confusion attack and achieve better detection performance.…”

mentioning

confidence: 83%

Robust android malware detection based on subgraph network and denoising GCN network

Zhao

Lió

2022

Proceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services

View full text Add to dashboard Cite

This paper proposes an Android malware detection model based on Android Function Call Graph (FCG) and Denoising Graph Convolutional Neural Network. This study proposes a method to simplify the FCG to reduce its size, and a new method to construct vertex feature vectors. The model uses the subgraph network to detect the underlying structural features of the FCG and discover the confusion attack. A denoising graph neural network is applied to graph convolution to reduce the impact of obfuscation attacks. CCS CONCEPTS• Security and privacy~Software and application security~Software security engineering.

show abstract

mentioning

confidence: 83%

Robust android malware detection based on subgraph network and denoising GCN network

Zhao

Lió

2022

Proceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services

View full text Add to dashboard Cite

show abstract

“…To address this, some approaches can be employed by jointly using FCGs and CFGs, where embeddings from CFGs are integrated into the nodes of the FCGs, to capture both intra-procedural and inter-procedural semantic [32,33,53]. In the case of Android malware analysis, a prevalent approach is to statically extract the API call sequences from the application and represent them using a FCG [56,58,59,82].…”

Section: Common Graphmentioning

confidence: 99%

A Survey on Malware Detection with Graph Representation Learning

Bilot¹,

Madhoun²,

Agha³

et al. 2023

Preprint

View full text Add to dashboard Cite

Malware detection has become a major concern due to the increasing number and complexity of malware. Traditional detection methods based on signatures and heuristics are used for malware detection, but unfortunately, they suffer from poor generalization to unknown attacks and can be easily circumvented using obfuscation techniques. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data and have become a solution preferred over traditional methods. More recently, the application of such techniques on graph-structured data has achieved state-of-the-art performance in various domains and demonstrates promising results in learning more robust representations from malware. Yet, no literature review focusing on graph-based deep learning for malware detection exists. In this survey, we provide an in-depth literature review to summarize and unify existing works under the common approaches and architectures. We notably demonstrate that Graph Neural Networks (GNNs) reach competitive results in learning robust embeddings from malware represented as expressive graph structures, leading to an efficient detection by downstream classifiers. This paper also reviews adversarial attacks that are utilized to fool graph-based detection methods. Challenges and future research directions are discussed at the end of the paper. CCS Concepts: • General and reference → Surveys and overviews; • Security and privacy → Malware and its mitigation; • Computing methodologies → Learning latent representations; Neural networks; Spectral methods.

show abstract

“…Keeping with Anomaly-based approaches, Alaeiyan et al introduce [115] VECG, a tool for exploring and supplying required environmental conditions at runtime, while in [116] Stiborek et al propose a novel tool that detects malware observing the interactions between the operating systems and network resources. ASSCA [117] is a system architecture that combines the Deep Learning model based on sequence data and the Machine Learning model based on API statistical features, similar to what happens in [118] where the API call relation is extracted, the ordered cycle graph is constructed based on 6 https://www.av-test.org/en/statistics/malware/ 7 https://www.statista.com/topics/8338/malware/dossierKeyfigures Markov chain and then the graph convolution neural network (GCN) detects malware. Other exciting works based on Deep Learning of Behavior Graphs are [119], [120] where for the detection are used file content and file relations.…”

Section: ) Artificial Intelligence In Malware Detectionmentioning

confidence: 99%

Explainable Artificial Intelligence in CyberSecurity: A Survey

et al. 2022

View full text Add to dashboard Cite

Nowadays, Artificial Intelligence (AI) is widely applied in every area of human being's daily life. Despite the AI benefits, its application suffer from the opacity of complex internal mechanisms and doesn't satisfy by design the principles of Explainable Artificial Intelligence (XAI). The lack of transparency further exacerbates the problem in the field of Cybersecurity because entrusting crucial decisions to a system that cannot explain itself presents obvious dangers. There are several methods in the literature capable of providing explainability of AI results. Anyway, the application of XAI in Cybersecurity can be a doubleedged sword. It substantially improves the Cybersecurity practices but simultaneously leaves the system vulnerable to adversary attacks. Therefore, there is a need to analyze the state-of-the-art of XAI methods in Cybersecurity to provide a clear vision for future research. This study presents an in-depth examination of the application of XAI in Cybersecurity. It considers more than 300 papers to comprehensively analyze the main Cybersecurity application fields, like Intrusion Detection Systems,Malware detection, Phishing and Spam detection, BotNets detection, Fraud detection, Zero-Day vulnerabilities, Digital Forensics and Crypto-Jacking . Specifically, this study focuses on the explainability methods adopted or proposed in these fields, pointing out promising works and new challenges.

show abstract

Intelligent malware detection based on graph convolutional network

Cited by 48 publications

References 22 publications

Robust android malware detection based on subgraph network and denoising GCN network

Robust android malware detection based on subgraph network and denoising GCN network

A Survey on Malware Detection with Graph Representation Learning

Explainable Artificial Intelligence in CyberSecurity: A Survey

Contact Info

Product

Resources

About