A Novel Study on Intelligent Methods and Explainable AI for Dynamic Malware Analysis

• URL: http://arxiv.org/abs/2508.10652v1
• Date: Thu, 14 Aug 2025 13:49:29 GMT
• Title: A Novel Study on Intelligent Methods and Explainable AI for Dynamic Malware Analysis
• Authors: Richa Dasila, Vatsala Upadhyay, Samo Bobek, Abhishek Vaish,
• Abstract summary: This research integrates Explainable AI (XAI) techniques to enhance the interpretability and trustworthiness of malware detection models.<n>The research aims to demystify the internal workings of deep learning models, promoting a better understanding and trust in their predictive capabilities in cybersecurity contexts.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: Deep learning models are one of the security strategies, trained on extensive datasets, and play a critical role in detecting and responding to these threats by recognizing complex patterns in malicious code. However, the opaque nature of these models-often described as "black boxes"-makes their decision-making processes difficult to understand, even for their creators. This research addresses these challenges by integrating Explainable AI (XAI) techniques to enhance the interpretability and trustworthiness of malware detection models. In this research, the use of Multi-Layer Perceptrons (MLP) for dynamic malware analysis has been considered, a less explored area, and its efficacy in detecting Metamorphic Malware, and further the effectiveness and transparency of MLPs, CNNs, RNNs, and CNN-LSTM models in malware classification, evaluating these models through the lens of Explainable AI (XAI). This comprehensive approach aims to demystify the internal workings of deep learning models, promoting a better understanding and trust in their predictive capabilities in cybersecurity contexts. Such in-depth analysis and implementation haven't been done to the best of our knowledge.

Related papers

• Algorithms for Adversarially Robust Deep Learning [58.656107500646364]
  We discuss recent progress toward designing algorithms that exhibit desirable robustness properties.<n>We present new algorithms that achieve state-of-the-art generalization in medical imaging, molecular identification, and image classification.<n>We propose new attacks and defenses, which represent the frontier of progress toward designing robust language-based agents.
  arXiv  Detail & Related papers  (2025-09-23T14:48:58Z)
• A Systematic Survey of Model Extraction Attacks and Defenses: State-of-the-Art and Perspectives [65.3369988566853]
  Recent studies have demonstrated that adversaries can replicate a target model's functionality.<n>Model Extraction Attacks pose threats to intellectual property, privacy, and system security.<n>We propose a novel taxonomy that classifies MEAs according to attack mechanisms, defense approaches, and computing environments.
  arXiv  Detail & Related papers  (2025-08-20T19:49:59Z)
• Continual Learning for Generative AI: From LLMs to MLLMs and Beyond [56.29231194002407]
  We present a comprehensive survey of continual learning methods for mainstream generative AI models.<n>We categorize these approaches into three paradigms: architecture-based, regularization-based, and replay-based.<n>We analyze continual learning setups for different generative models, including training objectives, benchmarks, and core backbones.
  arXiv  Detail & Related papers  (2025-06-16T02:27:25Z)
• Expert-in-the-Loop Systems with Cross-Domain and In-Domain Few-Shot Learning for Software Vulnerability Detection [38.083049237330826]
  This study explores the use of Large Language Models (LLMs) in software vulnerability assessment by simulating the identification of Python code with known Common Weaknessions (CWEs)<n>Our results indicate that while zero-shot prompting performs poorly, few-shot prompting significantly enhances classification performance.<n> challenges such as model reliability, interpretability, and adversarial robustness remain critical areas for future research.
  arXiv  Detail & Related papers  (2025-06-11T18:43:51Z)
• Large Language Model (LLM) for Software Security: Code Analysis, Malware Analysis, Reverse Engineering [3.1195311942826303]
  Large Language Models (LLMs) have emerged as powerful tools in cybersecurity.<n>LLMs offer advanced capabilities in malware detection, generation, and real-time monitoring.
  arXiv  Detail & Related papers  (2025-04-07T22:32:46Z)
• The Road Less Traveled: Investigating Robustness and Explainability in CNN Malware Detection [15.43868945929965]
  We integrate quantitative analysis with explainability tools to better understand CNN behavior in malware classification.<n> obfuscation techniques can reduce model accuracy by up to 50%, and propose a mitigation strategy to enhance robustness.<n>This work contributes to improving the interpretability and resilience of deep learning-based intrusion detection systems.
  arXiv  Detail & Related papers  (2025-03-03T10:42:00Z)
• Explainable Artificial Intelligence (XAI) for Malware Analysis: A Survey of Techniques, Applications, and Open Challenges [0.0]
  Explainable AI (XAI) addresses this gap by enhancing model interpretability while maintaining strong detection capabilities.<n>We examine existing XAI frameworks, their application in malware classification and detection, and the challenges associated with making malware detection models more interpretable.<n>This survey serves as a valuable resource for researchers and practitioners seeking to bridge the gap between ML performance and explainability in cybersecurity.
  arXiv  Detail & Related papers  (2024-09-09T08:19:33Z)
• Detecting and Understanding Vulnerabilities in Language Models via Mechanistic Interpretability [44.99833362998488]
  Large Language Models (LLMs) have shown impressive performance across a wide range of tasks. LLMs in particular are known to be vulnerable to adversarial attacks, where an imperceptible change to the input can mislead the output of the model. We propose a method, based on Mechanistic Interpretability (MI) techniques, to guide this process.
  arXiv  Detail & Related papers  (2024-07-29T09:55:34Z)
• Explainable Deep Learning Models for Dynamic and Online Malware Classification [0.856335408411906]
  Our paper aims to delve into explainable malware classification across various execution environments. We train Feed Forward Neural Networks (FFNN) and Convolutional Neural Networks (CNN) to classify malware based on features obtained from dynamic and online analysis environments. We perform a detailed evaluation of the calculated global and local explanations from the experiments, discuss limitations and, ultimately, offer recommendations for achieving a balanced approach.
  arXiv  Detail & Related papers  (2024-04-18T19:07:51Z)
• Analyzing Adversarial Inputs in Deep Reinforcement Learning [53.3760591018817]
  We present a comprehensive analysis of the characterization of adversarial inputs, through the lens of formal verification. We introduce a novel metric, the Adversarial Rate, to classify models based on their susceptibility to such perturbations. Our analysis empirically demonstrates how adversarial inputs can affect the safety of a given DRL system with respect to such perturbations.
  arXiv  Detail & Related papers  (2024-02-07T21:58:40Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• Beyond Explaining: Opportunities and Challenges of XAI-Based Model Improvement [75.00655434905417]
  Explainable Artificial Intelligence (XAI) is an emerging research field bringing transparency to highly complex machine learning (ML) models. This paper offers a comprehensive overview over techniques that apply XAI practically for improving various properties of ML models. We show empirically through experiments on toy and realistic settings how explanations can help improve properties such as model generalization ability or reasoning.
  arXiv  Detail & Related papers  (2022-03-15T15:44:28Z)
• Holistic Adversarial Robustness of Deep Learning Models [91.34155889052786]
  Adversarial robustness studies the worst-case performance of a machine learning model to ensure safety and reliability. This paper provides a comprehensive overview of research topics and foundational principles of research methods for adversarial robustness of deep learning models.
  arXiv  Detail & Related papers  (2022-02-15T05:30:27Z)
• Interpreting Machine Learning Malware Detectors Which Leverage N-gram Analysis [2.6397379133308214]
  cybersecurity analysts always prefer solutions that are as interpretable and understandable as rule-based or signature-based detection. The objective of this paper is to evaluate the current state-of-the-art ML models interpretability techniques when applied to ML-based malware detectors.
  arXiv  Detail & Related papers  (2020-01-27T19:10:50Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.