* update 2024-05-01 06:17:17

arXiv_db/Malware/2024.md

@@ -1146,3 +1146,27 @@
 
 </details>
 
+<details>
+
+<summary>2024-04-29 09:28:57 - Machine Learning for Windows Malware Detection and Classification: Methods, Challenges and Ongoing Research</summary>
+
+- *Daniel Gibert*
+
+- `2404.18541v1` - [abs](http://arxiv.org/abs/2404.18541v1) - [pdf](http://arxiv.org/pdf/2404.18541v1)
+
+> In this chapter, readers will explore how machine learning has been applied to build malware detection systems designed for the Windows operating system. This chapter starts by introducing the main components of a Machine Learning pipeline, highlighting the challenges of collecting and maintaining up-to-date datasets. Following this introduction, various state-of-the-art malware detectors are presented, encompassing both feature-based and deep learning-based detectors. Subsequent sections introduce the primary challenges encountered by machine learning-based malware detectors, including concept drift and adversarial attacks. Lastly, this chapter concludes by providing a brief overview of the ongoing research on adversarial defenses.
+
+</details>
+
+<details>
+
+<summary>2024-04-29 15:52:45 - AppPoet: Large Language Model based Android malware detection via multi-view prompt engineering</summary>
+
+- *Wenxiang Zhao, Juntao Wu, Zhaoyi Meng*
+
+- `2404.18816v1` - [abs](http://arxiv.org/abs/2404.18816v1) - [pdf](http://arxiv.org/pdf/2404.18816v1)
+
+> Due to the vast array of Android applications, their multifarious functions and intricate behavioral semantics, attackers can adopt various tactics to conceal their genuine attack intentions within legitimate functions. However, numerous feature engineering based methods suffer from a limitation in mining behavioral semantic information, thus impeding the accuracy and efficiency of Android malware detection. Besides, the majority of existing feature engineering based methods are weakly interpretive and fail to furnish researchers with effective and readable detection reports. Inspired by the success of the Large Language Models (LLMs) in natural language understanding, we propose AppPoet, a LLM-assisted multi-view system for Android malware detection. Firstly, AppPoet employs a static method to comprehensively collect application features and formulate various observation views. Subsequently, it steers the LLM to produce function descriptions and behavioral summaries for views via our meticulously devised multi-view prompt engineering technique to realize the deep mining of view semantics. Finally, we collaboratively fuse the multi-view information to efficiently and accurately detect malware through a deep neural network (DNN) classifier and then generate the heuristic diagnostic reports. Experimental results demonstrate that our method achieves a detection accuracy of 97.15% and an F1 score of 97.21%, which is superior to the baseline method Drebin and its variant. Furthermore, the case study evaluates the effectiveness of our generated diagnostic reports.
+
+</details>
+