Survey of Malware Analysis through Control Flow Graph using Machine Learning

• URL: http://arxiv.org/abs/2305.08993v2
• Date: Tue, 20 Jun 2023 18:27:09 GMT
• Title: Survey of Malware Analysis through Control Flow Graph using Machine Learning
• Authors: Shaswata Mitra, Stephen A. Torri, Sudip Mittal
• Abstract summary: Traditional signature-based malware detection methods have become ineffective in detecting new and unknown malware. One of the most promising techniques that can overcome the limitations of signature-based detection is to use control flow graphs (CFGs) CFGs leverage the structural information of a program to represent the possible paths of execution as a graph, where nodes represent instructions and edges represent control flow dependencies. Machine learning (ML) algorithms are being used to extract these features from CFGs and classify them as malicious or benign.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Malware is a significant threat to the security of computer systems and networks which requires sophisticated techniques to analyze the behavior and functionality for detection. Traditional signature-based malware detection methods have become ineffective in detecting new and unknown malware due to their rapid evolution. One of the most promising techniques that can overcome the limitations of signature-based detection is to use control flow graphs (CFGs). CFGs leverage the structural information of a program to represent the possible paths of execution as a graph, where nodes represent instructions and edges represent control flow dependencies. Machine learning (ML) algorithms are being used to extract these features from CFGs and classify them as malicious or benign. In this survey, we aim to review some state-of-the-art methods for malware detection through CFGs using ML, focusing on the different ways of extracting, representing, and classifying. Specifically, we present a comprehensive overview of different types of CFG features that have been used as well as different ML algorithms that have been applied to CFG-based malware detection. We provide an in-depth analysis of the challenges and limitations of these approaches, as well as suggest potential solutions to address some open problems and promising future directions for research in this field.

Related papers

• Cryptanalysis via Machine Learning Based Information Theoretic Metrics [58.96805474751668]
  We propose two novel applications of machine learning (ML) algorithms to perform cryptanalysis on any cryptosystem. These algorithms can be readily applied in an audit setting to evaluate the robustness of a cryptosystem. We show that our classification model correctly identifies the encryption schemes that are not IND-CPA secure, such as DES, RSA, and AES ECB, with high accuracy.
  arXiv  Detail & Related papers  (2025-01-25T04:53:36Z)
• A Novel Approach to Malicious Code Detection Using CNN-BiLSTM and Feature Fusion [2.3039261241391586]
  This study employs the minhash algorithm to convert binary files of malware into grayscale images. The study utilizes IDA Pro to decompile and extract opcode sequences, applying N-gram and tf-idf algorithms for feature vectorization. A CNN-BiLSTM fusion model is designed to simultaneously process image features and opcode sequences, enhancing classification performance.
  arXiv  Detail & Related papers  (2024-10-12T07:10:44Z)
• Convolutional Neural Network Design and Evaluation for Real-Time Multivariate Time Series Fault Detection in Spacecraft Attitude Sensors [41.94295877935867]
  This paper presents a novel approach to detecting stuck values within the Accelerometer and Inertial Measurement Unit of a drone-like spacecraft. A multi-channel Convolutional Neural Network (CNN) is used to perform multi-target classification and independently detect faults in the sensors. An integration methodology is proposed to enable the network to effectively detect anomalies and trigger recovery actions at the system level.
  arXiv  Detail & Related papers  (2024-10-11T09:36:38Z)
• Comprehensive evaluation of Mal-API-2019 dataset by machine learning in malware detection [0.5475886285082937]
  This study conducts a thorough examination of malware detection using machine learning techniques. The aim is to advance cybersecurity capabilities by identifying and mitigating threats more effectively.
  arXiv  Detail & Related papers  (2024-03-04T17:22:43Z)
• Discovering Malicious Signatures in Software from Structural Interactions [7.06449725392051]
  We propose a novel malware detection approach that leverages deep learning, mathematical techniques, and network science. Our approach focuses on static and dynamic analysis and utilizes the Low-Level Virtual Machine (LLVM) to profile applications within a complex network. Our approach marks a substantial improvement in malware detection, providing a notably more accurate and efficient solution.
  arXiv  Detail & Related papers  (2023-12-19T23:42:20Z)
• A Survey on Malware Detection with Graph Representation Learning [0.0]
  Malware detection has become a major concern due to the increasing number and complexity of malware. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data. This paper provides an in-depth literature review to summarize and unify existing works under the common approaches and architectures.
  arXiv  Detail & Related papers  (2023-03-28T14:27:08Z)
• A survey on hardware-based malware detection approaches [45.24207460381396]
  Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess. We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
  arXiv  Detail & Related papers  (2023-03-22T13:00:41Z)
• Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity [0.0]
  Traditional signature-based methods of malware detection have limitations in detecting complex threats. In recent years, machine learning has emerged as a promising solution to detect malware effectively. ML algorithms are capable of analyzing large datasets and identifying patterns that are difficult for humans to identify.
  arXiv  Detail & Related papers  (2023-02-24T02:42:38Z)
• Metrics reloaded: Recommendations for image analysis validation [59.60445111432934]
  Metrics Reloaded is a comprehensive framework guiding researchers in the problem-aware selection of metrics. The framework was developed in a multi-stage Delphi process and is based on the novel concept of a problem fingerprint. Based on the problem fingerprint, users are guided through the process of choosing and applying appropriate validation metrics.
  arXiv  Detail & Related papers  (2022-06-03T15:56:51Z)
• Practical Machine Learning Safety: A Survey and Primer [81.73857913779534]
  Open-world deployment of Machine Learning algorithms in safety-critical applications such as autonomous vehicles needs to address a variety of ML vulnerabilities. New models and training techniques to reduce generalization error, achieve domain adaptation, and detect outlier examples and adversarial attacks. Our organization maps state-of-the-art ML techniques to safety strategies in order to enhance the dependability of the ML algorithm from different aspects.
  arXiv  Detail & Related papers  (2021-06-09T05:56:42Z)
• Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique. The performance of the considered algorithms is evaluated using the ISCX 2012 dataset. Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
  arXiv  Detail & Related papers  (2020-08-05T19:29:35Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.