Malware Detection (14): MALWARE Survey

MALWARE

1. Survey Overview

Period: 2014-2021

  • Platform
    • Windows [13,32]
    • Android [1-3,11,14,16,18,23,25,33,35-37,40]
    • Linux
  • Direction
    • Malware features from various aspects [1,9,24,28,31,40]
    • Malware propagation [2,25]
    • System mechanisms or services against malware [3,37]
    • Malware behaviors [5,15]
      • Obfuscation [8,37]
      • Packing [8]
      • Stealth technologies [3,6]
      • Hook
      • Evasion from dynamic analysis [10,17,20,31,62]
    • Dataset challenges, such as aging problem [21,23,41,51]
    • Performance metrics [14,23]
    • Specific malware, such as IoT malware [25,26,39], fileless [30] and PDF malware [43,54]
    • Visualization [15]
    • Graph representation [22]
    • Detection Methods [3-4,8,9,11,12,14,16,19,31,33,36]
      • ML based techniques [13,18,21,29,38,40]
      • DL based techniques [22,29,35]
    • APT (Advanced Persistent Threats) [20]
    • Adversarial malware example generation [27,32]
    • ML/DL flaws [7,28]
    • ML/DL interpretability [34]

2. Android Malware detection

2.1 Behavior detection [63,64]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART | 2017 | To provide a comprehensive view of malware's behaviors | Detecting effectively | multi-layer monitoring & information flow tracking |
| CopperDroid: Automatic Reconstruction of Android Malware Behaviors | 2015 | To identify OS- and high-level Android-specific behaviors. | To reconstruct the behaviors of Android malware | VMI-based dynamic analysis |

2.2 Signature based [65,66]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| EnMobile: Entity-based Characterization and Analysis of Mobile | 2018 | To characterize malware comprehensively | Detecting effectively | entity-based characterization and static analysis; signature based approach |
| Screening smartphone applications using malware family signatures | 2015 | To improve the robustness of signature matching | To automatically extract family signature and matching | family signature |

2.3 Rule based [67,68]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| Toward a more dependable hybrid analysis of android malware using aspect-oriented programming | 2018 | None. | Detecting effectively | dataflow analysis, detection of resource abuse; rule based |
| DroidNative: Automating and optimizing detection of Android native code malware variants | 2017 | To defeat obfuscation | Detecting effectively | specific control flow patterns; rule based |

2.4 Similarity based

2.4.1 Model similarity [69-73]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| An HMM and structural entropy based detector for Android malware: An empirical study | 2016 | To defeat hiding | Detecting effectively | Hidden Markov Model, structural entropy. |
| Scalable and robust unsupervised android malware fingerprinting using community-based network partitioning | 2020 | To defeat obfuscation | Detecting effectively | malicious community |
| On the use of artificial malicious patterns for android malware detection | 2020 | To defeat obfuscation | Detecting effectively | malware patterns; Genetic Algorithm (GA); Apriori algorithm |
| Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information | 2016 | To defeat packing, dynamic loading etc. | Detecting effectively | similarity matching of malware creator-centric |
| Bayesian Active Malware Analysis | 2020 | None. | Detecting effectively | the Markov chain models |

2.4.2 Graph similarity [74-79]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| PermPair: Android Malware Detection Using Permission Pairs | 2020 | To make use of permission information | To detect Android malware | The comparison of the graph of permission pairs. |
| Apposcopy: Semantics-Based Detection of Android Malware through Static Analysis | 2014 | To improve signature based methods | Detecting effectively | combination of static taint analysis and program representation called Inter-Component Call Graph |
| Profiling user-trigger dependence for Android malware detection | 2015 | To capture stealthily launch operation | Detecting effectively | Graph comparison |
| Identifying Android Malware Using Network-Based Approaches | 2019 | To make use of network information | Detecting effectively | a weighted network to compare closeness |
| Cypider: Building Community-Based Cyber-Defense Infrastructure for Android Malware Detection | 2016 | To deal with endless new malware | Detecting effectively | scalable similarity network infrastructure; malicious community |
| Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs | 2014 | To characterize malware from program semantics | Detecting effectively | a weighted contextual API dependency graph as program semantics; graph similarity metrics |

2.5 ML based [60,80-101]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models | 2017 | To design robust malware mitigation techniques | Constructing a classifier | Building Markov Chains of Behavioral Models; Random Forests, Nearest Neighbor (1-NN), 3-Nearest Neighbor (3-NN), and Support Vector Machines (SVM) |
| Drebin: Effective and Explainable Detection of Android Malware in Your Pocket | 2014 | To mitigate the influence on limited resources in Android platform | To propose a lightweight method to detect malware at run-time | Static analysis and SVM |
| Make Evasion Harder: An Intelligent Android Malware Detection System | 2018 | To detect evolving Android malware | Higher detection rate | API calls and higher-level semantics; SVM |
| Using Loops For Malware Classification Resilient to Feature-unaware Perturbations | 2018 | To solve feature-unaware perturbation | To detect malware resilient to feature-unaware perturbation | Loop locating and random forest |
| Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection, and Classification | 2016 | To make use of semantic information | To detect Android malware | Semantic model; Random forest |
| Detecting Android Malware Leveraging Text Semantics of Network Flows | 2018 | To make use of network information | To detect Android malware | Using the text semantics of network traffic; SVM |
| Improving Accuracy of Android Malware Detection with Lightweight Contextual Awareness | 2018 | To reduce redundant metadata in modeling | Improving Accuracy of Android Malware Detection | KNN; RF; MLP |
| MalScan: Fast Market-Wide Mobile Malware Scanning by Social-Network Centrality Analysis | 2019 | To reduce the cost of semantic analysis | To propose a lightweight method to detect malware | social-network-based centrality analysis; kNN and random forest |
| PIndroid: A novel Android malware detection system using ensemble learning methods | 2017 | To fight against covert technique of malware | Detecting effectively | Permissions and Intents based framework supplemented with Ensemble methods: Naive Bayesian, Decision Tree, Decision Table, Random Forest, Sequential Minimal Optimization and Multi Lateral Perceptron (MLP) |
| A pragmatic android malware detection procedure | 2017 | To design a new ML model | Detecting effectively | Atomic Naive Bayes classifiers used as inputs for the Support Vector Machine ensemble. |
| ICCDetector: ICC-Based Malware Detection on Android | 2016 | To capture communication among components or cross boundaries to supplement features | Detecting effectively | SVM |
| A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code | 2015 | None. | Detecting effectively | the 2-class Naive Bayes with Prior (2-PNB) and a discriminative model, the regularized logistic regression |
| DroidCat: Effective Android Malware Detection and Categorization via App-Level Profiling | 2019 | To fight against system call obfuscation | Detecting effectively | Dynamic analysis based on method calls and inter-component communication; Random Forest |
| MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention | 2018 | None. | Detecting effectively | KNN |
| Android Malware Detection via (Somewhat) Robust Irreversible Feature Transformations | 2020 | To avoid ML classifier evading | Transferring features to a new feature domain | Classifiers used: (1) Bernoulli Naive Bayes, (2) Random Forest, (3) Nearest Neighbors, (4) Logistic Regression, (5) Gaussian Naive Bayes, (6) AdaBoost Classifier, (7) Gradient Boosting Decision Tree, (8) XGB Classifier and (9) SVM. |
| Leveraging ontologies and machine-learning techniques for malware analysis into Android permissions ecosystems | 2018 | None. | Detecting effectively | ontology-based framework; random forest |
| Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware | 2018 | To defeat obfuscation | Detecting effectively | family identification; linear SVM |
| A multi-view context-aware approach to Android malware detection and malicious code localization | 2018 | To characterize malware comprehensively | Detecting effectively | multiple views of apps; SVM |
| DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection | 2019 | To improve classifier | Detecting effectively | CLASSIFIER FUSION: J48, REPTree, voted perceptron, and random tree |
| DL-Droid: Deep learning based android malware detection using real devices | 2020 | To defeat obfuscation | Detecting effectively | input generation; MLP |
| JOWMDroid: Android malware detection based on feature weighting with joint optimization of weight-mapping and classifier parameters | 2021 | To characterize malware from feature importance | Detecting effectively | feature weighting with the joint optimization of weight-mapping; SVM, LR, MLP |
| Towards using unstructured user input request for malware detection | 2020 | To defeat privacy analysis evading | Detecting effectively | decision tree |

2.6 DL based [102-109]

| Title | Year | Motivation | Goal | Methods |
| --- | --- | --- | --- | --- |
| Towards an interpretable deep learning model for mobile malware detection and family identification | 2021 | To propose an interpretable DL model | Detecting reasonably | DL: Grad-CAM |
| AMalNet: A deep learning framework based on graph convolutional networks for malware detection | 2020 | To have a lower cost | Detecting effectively | DL: GCNs and IndRNN |
| Disentangled Representation Learning in Heterogeneous Information Network for Large-scale Android Malware Detection in the COVID-19 Era and Beyond | 2021 | To solve the problem that society relies on the complex cyberspace | Detecting effectively | heterogeneous information network (HIN); DNN |
| A Multimodal Deep Learning Method for Android Malware Detection Using Various Features | 2019 | To characterize malware comprehensively | Detecting effectively | multimodal deep learning method; DNN |
| Android Fragmentation in Malware Detection | 2019 | To deal with multiple Android versions | Detecting effectively | Deep Neural Network |
| An Image-inspired and CNN-based Android Malware Detection Approach | 2019 | To defeat obfuscation | Detecting effectively | CNN |
| A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices | 2021 | To reduce time cost of download and upload | Detecting quickly | customized DNN |
| Byte-level malware classification based on markov images and deep learning | 2020 | To improve the accuracy of gray image based methods | Detecting effectively | deep convolutional neural network |

3. Windows Malware detection

3.1 Behavior detection [110,111]

| Title | Year | Creativity |
| --- | --- | --- |
| API Chaser: Anti-analysis Resistant Malware Analyzer | 2013 | API call feature capture |
| MalViz: An Interactive Visualization Tool for Tracing Malware | 2018 | Behavior visualization |

3.2 Signature based [112]

| Title | Year | Creativity |
| --- | --- | --- |
| CloudEyes: Cloud-based malware detection with reversible sketch for resource-constrained internet of things (IoT) devices | 2017 | Based on cloud |

3.3 Rule based [113]

| Title | Year | Creativity |
| --- | --- | --- |
| A fast malware detection algorithm based on objective-oriented association mining | 2013 | API selection |

3.4 Similarity based

3.4.1 Model similarity [114-122]

| Title | Year | Creativity |
| --- | --- | --- |
| PoMMaDe: Pushdown Model-checking for Malware Detection | 2013 | model checking |
| Growing Grapes in Your Computer to Defend Against Malware | 2014 | clustering and template matching |
| Hypervisor-based malware protection with AccessMiner | 2015 | system-centric behavioral detector |
| Probabilistic Inference on Integrity for Access Behavior Based Malware Detection | 2015 | probabilistic model of integrity |
| Probabilistic analysis of dynamic malware traces | 2018 | 1. Features of system interaction 2. Interpretability |
| A malware detection method based on family behavior graph | 2018 | common behavior graph |
| Malware classification using self organising feature maps and machine activity data | 2018 | 1. The improvement of ML to reduce over-fitting 2. Self Organizing Feature Maps |
| Volatile memory analysis using the MinHash method for efficient and secured detection of malware in private cloud | 2019 | Based on memory features |
| A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence | 2020 | 1. Contextual relationship between API call features 2. Markov chain |

3.4.2 Graph similarity [123-127]

| Title | Year | Creativity |
| --- | --- | --- |
| Deriving common malware behavior through graph clustering | 2013 | common behavior graph |
| Enhancing the detection of metamorphic malware using call graphs | 2014 | API call graph matching |
| Minimal contrast frequent pattern mining for malware detection | 2016 | Graph matching |
| Heterogeneous Graph Matching Networks for Unknown Malware Detection | 2019 | Graph matching similarity of benign software |
| Random CapsNet forest model for imbalanced malware type classification task | 2021 | The improvement of the Model |

3.5 ML based [128-143]

| Title | Year | Creativity |
| --- | --- | --- |
| A Scalable Approach for Malware Detection through Bounded Feature Space Behavior Modeling | 2013 | Scalable feature space |
| SigMal: A Static Signal Processing Based Malware Triage | 2013 | noise-resistant similarity signatures |
| Unsupervised Anomaly-Based Malware Detection Using Hardware Features | 2014 | hardware supported lower-level features |
| Control flow-based opcode behavior analysis for Malware detection | 2014 | Based on control flow method features |
| Employing Program Semantics for Malware Detection | 2015 / 2021 | Extracting information-rich call sequence based on AEP; The improvement of the Model |
| AMAL: High-fidelity, behavior-based automated malware analysis and classification | 2015 | Based on behavior analysis |
| Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants | 2016 | Network features |
| DYNAMINER: Leveraging Offline Infection Analytics for On-the-Wire Malware Detection | 2017 | Network features |
| Security importance assessment for system objects and malware detection | 2017 | Based on importance of system objects |
| From big data to knowledge: A spatiotemporal approach to malware detection | 2018 | cloud based security service features |
| MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics | 2019 | fusion of static and dynamic API sequence features |
| Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection | 2019 | Based on data flow graph |
| Advanced Windows Methods on Malware Detection and Classification | 2020 | API based Features extraction. |
| Sub-curve HMM: A malware detection approach based on partial analysis of API call sequences | 2020 | 1. Subset of API call feature 2. HMM |
| Multiclass malware classification via first- and second-order texture statistics | 2020 | visualization |
| Catch them alive: A malware detection approach through memory forensics, manifold learning and computer vision | 2021 | Visualization |

3.6 DL based [144-156]

| Title | Year | Creativity |
| --- | --- | --- |
| Auto-detection of sophisticated malware using lazy-binding control flow graph and deep learning | 2018 | 1. The improvement of CFG 2. Visualization |
| Malware identification using visualization images and deep learning | 2018 | 1. SimHash of features 2. Visualization |
| Classification of Malware by Using Structural Entropy on Convolutional Neural Networks | 2018 | visual similarity |
| Classifying Malware Represented as Control Flow Graphs using Deep Graph Convolutional Neural Network | 2019 | The improvement of CFG |
| Neurlux: Dynamic Malware Analysis Without Feature Engineering | 2019 | Based on dynamic analysis reports |
| A feature-hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding | 2019 | Hybrid features |
| Effective analysis of malware detection in cloud computing | 2019 | The improvement of the DL. |
| Recurrent neural network for detecting malware | 2020 | The improvement of RNN |
| Dynamic Malware Analysis with Feature Engineering and Feature Learning | 2020 | Feature hashing to encode API call info. |
| An improved two-hidden-layer extreme learning machine for malware hunting | 2020 | Improvement of the DL. |
| HYDRA: A multimodal deep learning framework for malware classification | 2020 | Hybrid features |
| A novel method for malware detection on ML-based visualization technique | 2020 | visualization |
| Image-Based malware classification using ensemble of CNN architectures (IMCEC) | 2020 | visualization |

4. ML/DL flaws Overview

  • Ensemble classifier evasion [42]
  • Performance degradation [42,46,53,54]
  • Adversarial example generation [43,44,45,48,55,56,57,58]
  • Poisoning Attack [47]
  • Feature weights [49]
  • Cost analysis [50]
  • ML bias from dataset [51]
  • Influence of packing [52]
  • Methods reproduction [59]

5. References

  1. 2014 A Survey of Android Malware Characteristics and Mitigation Techniques

  2. 2014 Smartphone Malware and Its Propagation Modeling: A Survey

  3. 2015 Android Security: A Survey of Issues, Malware Penetration, and Defenses

  4. 2014 Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey

  5. 2015 Kernel Malware Core Implementation: A Survey

  6. 2016 A Survey of Stealth Malware Attacks, Mitigation Measures, and Steps Toward Autonomous Open World Solutions

  7. 2016 On the Security of Machine Learning in Malware C&C Detection: A Survey

  8. 2017 Malware Methodologies and Its Future: A Survey

  9. 2017 A Survey on Malware Detection Using Data Mining Techniques

  10. 2018 Malware Dynamic Analysis Evasion Techniques: A Survey

  11. 2018 Android Malware Detection: A Survey

  12. 2018 A Survey on Metamorphic Malware Detection based on Hidden Markov Model

  13. 2018 Machine Learning Aided Static Malware Analysis: A Survey and Tutorial

  14. 2018 A survey on dynamic mobile malware detection

  15. 2018 A survey of malware behavior description and analysis

  16. 2019 A Survey on Android Malware Detection Techniques Using Machine Learning Algorithms

  17. 2019 Dynamic Malware Analysis in the Modern Era—A State of the Art Survey

  18. 2019 Data-Driven Android Malware Intelligence: A Survey

  19. 2019 A survey of zero-day malware attacks and its detection methodology

  20. 2019 A Survey on malware analysis and mitigation techniques

  21. 2019 Survey of machine learning techniques for malware analysis

  22. 2020 Deep Learning and Open Set Malware Classification: A Survey

  23. 2020 A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

  24. 2015 A Survey on Mining Program-Graph Features for Malware Analysis

  25. 2020 Stochastic Modeling of IoT Botnet Spread: A Short Survey on Mobile Malware Spread Modeling

  26. 2020 A survey of IoT malware and detection methods based on static features

  27. 2020 A survey on practical adversarial examples for malware classifiers

  28. 2020 A Survey of Machine Learning Methods and Challenges for Windows Malware Classification

  29. 2020 A Survey on Malware Detection with Deep Learning

  30. 2020 An emerging threat Fileless malware: a survey and research challenges

  31. 2021 Malware classification and composition analysis: A survey of recent developments

  32. 2021 Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection

  33. 2020 A Survey on Mobile Malware Detection Techniques

  34. 2021 Towards interpreting ML-based automated malware detection models: a survey

  35. 2021 A Survey of Android Malware Detection with Deep Neural Models

  36. 2021 A survey of malware detection in Android apps: Recommendations and perspectives for future research

  37. 2021 A survey of android application and malware hardening

  38. 2021 A survey on machine learning-based malware detection in executable files

  39. 2021 The evolution of IoT Malwares, from 2008 to 2019: Survey, taxonomy, process simulator and perspectives

  40. 2021 A Survey of Android Malware Static Detection Technology Based on Machine Learning

  41. 2016 Empirical assessment of machine learning-based malware detectors for Android: Measuring the gap between in-the-lab and in-the-wild validation scenarios

  42. 2016 When a Tree Falls: Using Diversity in Ensemble Classifiers to Identify Evasion in Malware Detectors

  43. 2016 Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers

  44. 2017 SecureDroid: Enhancing Security of Machine Learning-based Detection against Adversarial Android Malware Attacks

  45. 2017 How to defend against adversarial attack

  46. 2017 Transcend: Detecting Concept Drift in Malware Classification Models

  47. 2018 Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach

  48. 2018 Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

  49. 2019 Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

  50. 2019 A cost analysis of machine learning using dynamic runtime opcodes for malware detection

  51. 2019 TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time

  52. 2020 When Malware is Packin’ Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features

  53. 2020 Assessing and Improving Malware Detection Sustainability through App Evolution Studies

  54. 2020 On Training Robust PDF Malware Classifiers

  55. 2020 Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection

  56. 2020 Intriguing Properties of Adversarial ML Attacks in the Problem Space

  57. 2020 Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers

  58. 2020 Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware

  59. 2021 Lessons Learnt on Reproducibility in Machine Learning Based Android Malware Detection

  60. 2016 Semantics-Based Online Malware Detection: Towards Efficient Real-Time Protection Against Malware

  61. 2018 Understanding Linux Malware

  62. 2017 Droid-AntiRM: Taming Control Flow Anti-analysis to Support Automated Dynamic Analysis of Android Malware

  63. 2017 Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART

  64. 2015 CopperDroid: Automatic Reconstruction of Android Malware Behaviors

  65. 2018 EnMobile: Entity-based Characterization and Analysis of Mobile

  66. 2015 Screening smartphone applications using malware family signatures

  67. 2018 Toward a more dependable hybrid analysis of android malware using aspect-oriented programming

  68. 2017 DroidNative: Automating and optimizing detection of Android native code malware variants

  69. 2016 An HMM and structural entropy based detector for Android malware: An empirical study

  70. 2020 Scalable and robust unsupervised android malware fingerprinting using community-based network partitioning

  71. 2020 On the use of artificial malicious patterns for android malware detection

  72. 2016 Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information

  73. 2020 Bayesian Active Malware Analysis

  74. 2020 PermPair: Android Malware Detection Using Permission Pairs

  75. 2014 Apposcopy: Semantics-Based Detection of Android Malware through Static Analysis

  76. 2015 Profiling user-trigger dependence for Android malware detection

  77. 2019 Identifying Android Malware Using Network-Based Approaches

  78. 2016 Cypider: Building Community-Based Cyber-Defense Infrastructure for Android Malware Detection

  79. 2014 Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs

  80. 2017 MAMADROID: Detecting Android Malware by Building Markov Chains of Behavioral Models

  81. 2014 Drebin: Effective and Explainable Detection of Android Malware in Your Pocket

  82. 2018 Make Evasion Harder: An Intelligent Android Malware Detection System

  83. 2018 Using Loops For Malware Classification Resilient to Feature-unaware Perturbations

  84. 2016 Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection, and Classification

  85. 2018 Detecting Android Malware Leveraging Text Semantics of Network Flows

  86. 2018 Improving Accuracy of Android Malware Detection with Lightweight Contextual Awareness

  87. 2019 MalScan: Fast Market-Wide Mobile Malware Scanning by Social-Network Centrality Analysis

  88. 2017 PIndroid: A novel Android malware detection system using ensemble learning methods

  89. 2017 A pragmatic android malware detection procedure

  90. 2016 ICCDetector: ICC-Based Malware Detection on Android

  91. 2015 A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code

  92. 2019 DroidCat: Effective Android Malware Detection and Categorization via App-Level Profiling

  93. 2018 MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

  94. 2020 Android Malware Detection via (Somewhat) Robust Irreversible Feature Transformations

  95. 2018 Leveraging ontologies and machine-learning techniques for malware analysis into Android permissions ecosystems

  96. 2018 Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware

  97. 2018 A multi-view context-aware approach to Android malware detection and malicious code localization

  98. 2019 DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

  99. 2020 DL-Droid: Deep learning based android malware detection using real devices

  100. 2021 JOWMDroid: Android malware detection based on feature weighting with joint optimization of weight-mapping and classifier parameters

  101. 2020 Towards using unstructured user input request for malware detection

  102. 2021 Towards an interpretable deep learning model for mobile malware detection and family identification

  103. 2020 AMalNet: A deep learning framework based on graph convolutional networks for malware detection

  104. 2021 Disentangled Representation Learning in Heterogeneous Information Network for Large-scale Android Malware Detection in the COVID-19 Era and Beyond

  105. 2019 A Multimodal Deep Learning Method for Android Malware Detection Using Various Features

  106. 2019 Android Fragmentation in Malware Detection

  107. 2019 An Image-inspired and CNN-based Android Malware Detection Approach

  108. 2021 A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices

  109. 2020 Byte-level malware classification based on markov images and deep learning

  110. 2013 API Chaser: Anti-analysis Resistant Malware Analyzer

  111. 2018 MalViz: An Interactive Visualization Tool for Tracing Malware

  112. 2017 CloudEyes: Cloud-based malware detection with reversible sketch for resource-constrained internet of things (IoT) devices

  113. 2013 A fast malware detection algorithm based on objective-oriented association mining

  114. 2013 PoMMaDe: Pushdown Model-checking for Malware Detection

  115. 2014 Growing Grapes in Your Computer to Defend Against Malware

  116. 2015 Hypervisor-based malware protection with AccessMiner

  117. 2015 Probabilistic Inference on Integrity for Access Behavior Based Malware Detection

  118. 2018 Probabilistic analysis of dynamic malware traces

  119. 2018 A malware detection method based on family behavior graph

  120. 2018 Malware classification using self organising feature maps and machine activity data

  121. 2019 Volatile memory analysis using the MinHash method for efficient and secured detection of malware in private cloud

  122. 2020 A dynamic Windows malware detection and prediction method based on contextual understanding of API call sequence

  123. 2013 Deriving common malware behavior through graph clustering

  124. 2014 Enhancing the detection of metamorphic malware using call graphs

  125. 2016 Minimal contrast frequent pattern mining for malware detection

  126. 2019 Heterogeneous Graph Matching Networks for Unknown Malware Detection

  127. 2021 Random CapsNet forest model for imbalanced malware type classification task

  128. 2013 A Scalable Approach for Malware Detection through Bounded Feature Space Behavior Modeling

  129. 2013 SigMal: A Static Signal Processing Based Malware Triage

  130. 2014 Unsupervised Anomaly-Based Malware Detection Using Hardware Features

  131. 2014 Control flow-based opcode behavior analysis for Malware detection

  132. 2015 Employing Program Semantics for Malware Detection

  133. 2015 AMAL: High-fidelity, behavior-based automated malware analysis and classification

  134. 2016 Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants

  135. 2017 DYNAMINER: Leveraging Offline Infection Analytics for On-the-Wire Malware Detection

  136. 2017 Security importance assessment for system objects and malware detection

  137. 2018 From big data to knowledge: A spatiotemporal approach to malware detection

  138. 2019 MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics

  139. 2019 Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection

  140. 2020 Advanced Windows Methods on Malware Detection and Classification

  141. 2020 Sub-curve HMM: A malware detection approach based on partial analysis of API call sequences

  142. 2020 Multiclass malware classification via first- and second-order texture statistics

  143. 2021 Catch them alive: A malware detection approach through memory forensics, manifold learning and computer vision

  144. 2018 Auto-detection of sophisticated malware using lazy-binding control flow graph and deep learning

  145. 2018 Malware identification using visualization images and deep learning

  146. 2018 Classification of Malware by Using Structural Entropy on Convolutional Neural Networks

  147. 2019 Classifying Malware Represented as Control Flow Graphs using Deep Graph Convolutional Neural Network

  148. 2019 Neurlux: Dynamic Malware Analysis Without Feature Engineering

  149. 2019 A feature-hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding

  150. 2019 Effective analysis of malware detection in cloud computing

  151. 2020 Recurrent neural network for detecting malware

  152. 2020 Dynamic Malware Analysis with Feature Engineering and Feature Learning

  153. 2020 An improved two-hidden-layer extreme learning machine for malware hunting

  154. 2020 HYDRA: A multimodal deep learning framework for malware classification

  155. 2020 A novel method for malware detection on ML-based visualization technique

  156. 2020 Image-Based malware classification using ensemble of CNN architectures (IMCEC)