Triplet-trained graph transformer with control flow graph for few-shot malware classification
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Bu, Seok-Jun | - |
| dc.contributor.author | Cho, Sung-Bae | - |
| dc.date.accessioned | 2024-12-03T02:01:01Z | - |
| dc.date.available | 2024-12-03T02:01:01Z | - |
| dc.date.issued | 2023-11 | - |
| dc.identifier.issn | 0020-0255 | - |
| dc.identifier.issn | 1872-6291 | - |
| dc.identifier.uri | https://scholarworks.gnu.ac.kr/handle/sw.gnu/73644 | - |
| dc.description.abstract | The exponential proliferation of malware requires robust detection mechanisms for the security of global enterprises and national infrastructures. Conventional malware classification methods primarily depend on extensive datasets of curated malware samples, rendering them suboptimal for detecting novel strains exploiting contemporary vulnerabilities. In this paper, we reformulate malware detection as a few-shot learning task, and propose a new distance-based classification method that harnesses the innate functional attributes of malware to mitigate the dependency on sample volume. A disentangled representation of the malware's control flow graph is exploited, and a specialized transformer architecture is trained with a triplet-loss function, aiming to finetune the representation of malicious attributes. An attention mechanism of the transformer judiciously discerns functional signatures from intricate control flow graphs. Empirical evaluations on real-world malware datasets underscore the efficacy of the proposed method, achieving an outstanding recall rate of 83.37% with mere 2,000 training samples. As a result, our method outperforms the state-of-the-art methods with an accuracy of 99.45% and a recall of 97.89%. | - |
| dc.language | English | - |
| dc.language.iso | ENG | - |
| dc.publisher | Elsevier BV | - |
| dc.title | Triplet-trained graph transformer with control flow graph for few-shot malware classification | - |
| dc.type | Article | - |
| dc.publisher.location | United States | - |
| dc.identifier.doi | 10.1016/j.ins.2023.119598 | - |
| dc.identifier.scopusid | 2-s2.0-85170280051 | - |
| dc.identifier.wosid | 001077949700001 | - |
| dc.identifier.bibliographicCitation | Information Sciences, v.649 | - |
| dc.citation.title | Information Sciences | - |
| dc.citation.volume | 649 | - |
| dc.type.docType | Article | - |
| dc.description.isOpenAccess | N | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.subject.keywordAuthor | Malware classification | - |
| dc.subject.keywordAuthor | Few-shot learning | - |
| dc.subject.keywordAuthor | Control flow graph | - |
| dc.subject.keywordAuthor | Transformer network | - |
| dc.subject.keywordAuthor | Triplet network | - |
