Recent Advances in Malware Detection: Graph Learning and Explainability

• URL: http://arxiv.org/abs/2502.10556v1
• Date: Fri, 14 Feb 2025 21:10:03 GMT
• Title: Recent Advances in Malware Detection: Graph Learning and Explainability
• Authors: Hossein Shokouhinejad, Roozbeh Razavi-Far, Hesamodin Mohammadian, Mahdi Rabbani, Samuel Ansong, Griffin Higgins, Ali A Ghorbani,
• Abstract summary: This survey focuses on the interplay between graph learning and explainability. By integrating these components, this survey demonstrates how graph learning and explainability contribute to building robust, interpretable, and scalable malware detection systems.
• Score: 2.5824213547618067
• License:
• Abstract: The rapid evolution of malware has necessitated the development of sophisticated detection methods that go beyond traditional signature-based approaches. Graph learning techniques have emerged as powerful tools for modeling and analyzing the complex relationships inherent in malware behavior, leveraging advancements in Graph Neural Networks (GNNs) and related methods. This survey provides a comprehensive exploration of recent advances in malware detection, focusing on the interplay between graph learning and explainability. It begins by reviewing malware analysis techniques and datasets, emphasizing their foundational role in understanding malware behavior and supporting detection strategies. The survey then discusses feature engineering, graph reduction, and graph embedding methods, highlighting their significance in transforming raw data into actionable insights, while ensuring scalability and efficiency. Furthermore, this survey focuses on explainability techniques and their applications in malware detection, ensuring transparency and trustworthiness. By integrating these components, this survey demonstrates how graph learning and explainability contribute to building robust, interpretable, and scalable malware detection systems. Future research directions are outlined to address existing challenges and unlock new opportunities in this critical area of cybersecurity.

Related papers

• Out-of-Distribution Detection on Graphs: A Survey [58.47395497985277]
  Graph out-of-distribution (GOOD) detection focuses on identifying graph data that deviates from the distribution seen during training. We categorize existing methods into four types: enhancement-based, reconstruction-based, information propagation-based, and classification-based approaches. We discuss practical applications and theoretical foundations, highlighting the unique challenges posed by graph data.
  arXiv  Detail & Related papers  (2025-02-12T04:07:12Z)
• Adversarial Challenges in Network Intrusion Detection Systems: Research Insights and Future Prospects [0.33554367023486936]
  This paper provides a comprehensive review of machine learning-based Network Intrusion Detection Systems (NIDS) We critically examine existing research in NIDS, highlighting key trends, strengths, and limitations. We discuss emerging challenges in the field and offer insights for the development of more robust and resilient NIDS.
  arXiv  Detail & Related papers  (2024-09-27T13:27:29Z)
• Explainable Artificial Intelligence (XAI) for Malware Analysis: A Survey of Techniques, Applications, and Open Challenges [0.0]
  Explainable AI (XAI) addresses this gap by enhancing model interpretability while maintaining strong detection capabilities. We examine existing XAI frameworks, their application in malware classification and detection, and the challenges associated with making malware detection models more interpretable. This survey serves as a valuable resource for researchers and practitioners seeking to bridge the gap between ML performance and explainability in cybersecurity.
  arXiv  Detail & Related papers  (2024-09-09T08:19:33Z)
• Comprehensive evaluation of Mal-API-2019 dataset by machine learning in malware detection [0.5475886285082937]
  This study conducts a thorough examination of malware detection using machine learning techniques. The aim is to advance cybersecurity capabilities by identifying and mitigating threats more effectively.
  arXiv  Detail & Related papers  (2024-03-04T17:22:43Z)
• GraphCloak: Safeguarding Task-specific Knowledge within Graph-structured Data from Unauthorized Exploitation [61.80017550099027]
  Graph Neural Networks (GNNs) are increasingly prevalent in a variety of fields. Growing concerns have emerged regarding the unauthorized utilization of personal data. Recent studies have shown that imperceptible poisoning attacks are an effective method of protecting image data from such misuse. This paper introduces GraphCloak to safeguard against the unauthorized usage of graph data.
  arXiv  Detail & Related papers  (2023-10-11T00:50:55Z)
• A Survey on Malware Detection with Graph Representation Learning [0.0]
  Malware detection has become a major concern due to the increasing number and complexity of malware. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data. This paper provides an in-depth literature review to summarize and unify existing works under the common approaches and architectures.
  arXiv  Detail & Related papers  (2023-03-28T14:27:08Z)
• Machine learning on knowledge graphs for context-aware security monitoring [0.0]
  We discuss the application of machine learning on knowledge graphs for intrusion detection. We experimentally evaluate a link-prediction method for scoring anomalous activity in industrial systems. The proposed method is shown to produce intuitively well-calibrated and interpretable alerts in a diverse range of scenarios.
  arXiv  Detail & Related papers  (2021-05-18T18:00:19Z)
• Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles [69.9674326582747]
  This paper presents a visual framework to investigate neural network models subjected to adversarial examples. We show how observing these elements can quickly pinpoint exploited areas in a model.
  arXiv  Detail & Related papers  (2021-03-18T13:04:21Z)
• Graph signal processing for machine learning: A review and new perspectives [57.285378618394624]
  We review a few important contributions made by GSP concepts and tools, such as graph filters and transforms, to the development of novel machine learning algorithms. We discuss exploiting data structure and relational priors, improving data and computational efficiency, and enhancing model interpretability. We provide new perspectives on future development of GSP techniques that may serve as a bridge between applied mathematics and signal processing on one side, and machine learning and network science on the other.
  arXiv  Detail & Related papers  (2020-07-31T13:21:33Z)
• Deep Learning for Community Detection: Progress, Challenges and Opportunities [79.26787486888549]
  Article summarizes the contributions of the various frameworks, models, and algorithms in deep neural networks. This article summarizes the contributions of the various frameworks, models, and algorithms in deep neural networks.
  arXiv  Detail & Related papers  (2020-05-17T11:22:11Z)
• Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
  We review the methods that have been applied to network data with the purpose of developing an intrusion detector. We discuss the techniques used for the capture, preparation and transformation of the data, as well as, the data mining and evaluation methods. As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
  arXiv  Detail & Related papers  (2020-01-27T11:21:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.