A Comparison of Graph Neural Networks for Malware Classification

• URL: http://arxiv.org/abs/2303.12812v1
• Date: Wed, 22 Mar 2023 01:05:57 GMT
• Title: A Comparison of Graph Neural Networks for Malware Classification
• Authors: Vrinda Malhotra and Katerina Potika and Mark Stamp
• Abstract summary: We train a wide range of Graph Neural Network (GNN) architectures to generate embeddings which we then classify. We find that our best GNN models outperform previous comparable research involving the well-known MalNet-Tiny Android malware dataset.
• Score: 2.707154152696381
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Managing the threat posed by malware requires accurate detection and classification techniques. Traditional detection strategies, such as signature scanning, rely on manual analysis of malware to extract relevant features, which is labor intensive and requires expert knowledge. Function call graphs consist of a set of program functions and their inter-procedural calls, providing a rich source of information that can be leveraged to classify malware without the labor intensive feature extraction step of traditional techniques. In this research, we treat malware classification as a graph classification problem. Based on Local Degree Profile features, we train a wide range of Graph Neural Network (GNN) architectures to generate embeddings which we then classify. We find that our best GNN models outperform previous comparable research involving the well-known MalNet-Tiny Android malware dataset. In addition, our GNN models do not suffer from the overfitting issues that commonly afflict non-GNN techniques, although GNN models require longer training times.

Related papers

• Stealing Training Graphs from Graph Neural Networks [54.52392250297907]
  Graph Neural Networks (GNNs) have shown promising results in modeling graphs in various tasks. As neural networks can memorize the training samples, the model parameters of GNNs have a high risk of leaking private training data. We investigate a novel problem of stealing graphs from trained GNNs.
  arXiv  Detail & Related papers  (2024-11-17T23:15:36Z)
• Provable Robustness of (Graph) Neural Networks Against Data Poisoning and Backdoor Attacks [50.87615167799367]
  We certify Graph Neural Networks (GNNs) against poisoning attacks, including backdoors, targeting the node features of a given graph. Our framework provides fundamental insights into the role of graph structure and its connectivity on the worst-case behavior of convolution-based and PageRank-based GNNs.
  arXiv  Detail & Related papers  (2024-07-15T16:12:51Z)
• Information Flow in Graph Neural Networks: A Clinical Triage Use Case [49.86931948849343]
  Graph Neural Networks (GNNs) have gained popularity in healthcare and other domains due to their ability to process multi-modal and multi-relational graphs. We investigate how the flow of embedding information within GNNs affects the prediction of links in Knowledge Graphs (KGs) Our results demonstrate that incorporating domain knowledge into the GNN connectivity leads to better performance than using the same connectivity as the KG or allowing unconstrained embedding propagation.
  arXiv  Detail & Related papers  (2023-09-12T09:18:12Z)
• A Survey on Malware Detection with Graph Representation Learning [0.0]
  Malware detection has become a major concern due to the increasing number and complexity of malware. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data. This paper provides an in-depth literature review to summarize and unify existing works under the common approaches and architectures.
  arXiv  Detail & Related papers  (2023-03-28T14:27:08Z)
• Automatic Relation-aware Graph Network Proliferation [182.30735195376792]
  We propose Automatic Relation-aware Graph Network Proliferation (ARGNP) for efficiently searching GNNs. These operations can extract hierarchical node/relational information and provide anisotropic guidance for message passing on a graph. Experiments on six datasets for four graph learning tasks demonstrate that GNNs produced by our method are superior to the current state-of-the-art hand-crafted and search-based GNNs.
  arXiv  Detail & Related papers  (2022-05-31T10:38:04Z)
• Black-box Node Injection Attack for Graph Neural Networks [29.88729779937473]
  We study the possibility of injecting nodes to evade the victim GNN model. Specifically, we propose GA2C, a graph reinforcement learning framework. We demonstrate the superior performance of our proposed GA2C over existing state-of-the-art methods.
  arXiv  Detail & Related papers  (2022-02-18T19:17:43Z)
• Graph Neural Network-based Android Malware Classification with Jumping Knowledge [3.408873763213743]
  This paper proposes a GNN-based method for Android malware detection by capturing meaningful intra-procedural call path patterns. A Jumping-Knowledge technique is applied to minimize the effect of the over-smoothing problem. The proposed method has been extensively evaluated using two benchmark datasets.
  arXiv  Detail & Related papers  (2022-01-19T11:29:02Z)
• NF-GNN: Network Flow Graph Neural Networks for Malware Detection and Classification [11.624780336645006]
  Malicious software (malware) poses an increasing threat to the security of communication systems. We present three variants of our base model, which all support malware detection and classification in supervised and unsupervised settings. Experiments on four different prediction tasks consistently demonstrate the advantages of our approach and show that our graph neural network model can boost detection performance by a significant margin.
  arXiv  Detail & Related papers  (2021-03-05T20:54:38Z)
• A novel DL approach to PE malware detection: exploring Glove vectorization, MCC_RCNN and feature fusion [0.0]
  We propose the DL-based approaches for detection and use static-based features fed up into models. We implement a neural network model called MCC_RCNN, comprising of the combination with CNN and RNN. Our proposed classification methods can obtain a higher prediction accuracy than the other baseline methods.
  arXiv  Detail & Related papers  (2021-01-22T07:08:10Z)
• Graph Backdoor [53.70971502299977]
  We present GTA, the first backdoor attack on graph neural networks (GNNs) GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features. It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
  arXiv  Detail & Related papers  (2020-06-21T19:45:30Z)
• Graph Neural Networks for Motion Planning [108.51253840181677]
  We present two techniques, GNNs over dense fixed graphs for low-dimensional problems and sampling-based GNNs for high-dimensional problems. We examine the ability of a GNN to tackle planning problems such as identifying critical nodes or learning the sampling distribution in Rapidly-exploring Random Trees (RRT) Experiments with critical sampling, a pendulum and a six DoF robot arm show GNNs improve on traditional analytic methods as well as learning approaches using fully-connected or convolutional neural networks.
  arXiv  Detail & Related papers  (2020-06-11T08:19:06Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.