Using deep graph learning to improve dynamic analysis-based malware detection in PE files

Cited by: 3
Authors
Nguyen, Minh Tu [1]
Nguyen, Viet Hung [1]
Shone, Nathan [2]
Affiliations
[1] LeQuyDon Tech Univ, Fac Informat Technol, 236 Hoang Quoc Viet, Hanoi, Vietnam
[2] Liverpool John Moores Univ, Sch Comp Sci & Math, Byrom St, Liverpool L3 3AF, England
Keywords
Malware detection; Dynamic analysis; Deep learning; Graph representation
DOI
10.1007/s11416-023-00505-x
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Detecting zero-day malware in Windows PE files using dynamic analysis techniques has proven to be far more effective than traditional signature-based methods. One specific approach that has emerged in recent years is the use of graphs to represent executable behavior, which can be subsequently used to learn patterns. However, many current graph representations omit key parameter information, meaning that the behavioral impact of variable changes cannot be reliably understood. To combat these shortcomings, we present a new method for malware detection by applying a graph attention network on multi-edge directional heterogeneous graphs constructed from API calls. The experiments show that the TPR and FPR scores demonstrated by our model achieve better performance than those from other related works.
Pages: 153 - 172
Page count: 20