* update 2024-09-14 06:20:12
actions-user committed Sep 13, 2024
1 parent fc8a4df commit dee8c81
Showing 2 changed files with 37 additions and 1 deletion.
36 changes: 36 additions & 0 deletions arXiv_db/Malware/2024.md
Expand Up @@ -2618,3 +2618,39 @@

</details>

<details>

<summary>2024-09-11 19:33:44 - Exploring LLMs for Malware Detection: Review, Framework Design, and Countermeasure Approaches</summary>

- *Jamal Al-Karaki, Muhammad Al-Zafar Khan, Marwan Omar*

- `2409.07587v1` - [abs](http://arxiv.org/abs/2409.07587v1) - [pdf](http://arxiv.org/pdf/2409.07587v1)

> The rising use of Large Language Models (LLMs) to create and disseminate malware poses a significant cybersecurity challenge due to their ability to generate and distribute attacks with ease. A single prompt can initiate a wide array of malicious activities. This paper addresses this critical issue through a multifaceted approach. First, we provide a comprehensive overview of LLMs and their role in malware detection from diverse sources. We examine five specific applications of LLMs: Malware honeypots, identification of text-based threats, code analysis for detecting malicious intent, trend analysis of malware, and detection of non-standard disguised malware. Our review includes a detailed analysis of the existing literature and establishes guiding principles for the secure use of LLMs. We also introduce a classification scheme to categorize the relevant literature. Second, we propose performance metrics to assess the effectiveness of LLMs in these contexts. Third, we present a risk mitigation framework designed to prevent malware by leveraging LLMs. Finally, we evaluate the performance of our proposed risk mitigation strategies against various factors and demonstrate their effectiveness in countering LLM-enabled malware. The paper concludes by suggesting future advancements and areas requiring deeper exploration in this fascinating field of artificial intelligence.

</details>

<details>

<summary>2024-09-11 20:42:41 - Advancing Malicious Website Identification: A Machine Learning Approach Using Granular Feature Analysis</summary>

- *Kinh Tran, Dusan Sovilj*

- `2409.07608v1` - [abs](http://arxiv.org/abs/2409.07608v1) - [pdf](http://arxiv.org/pdf/2409.07608v1)

> Malicious website detection is an increasingly relevant yet intricate task that requires the consideration of a vast amount of fine details. Our objective is to create a machine learning model that is trained on as many of these finer details as time will allow us to classify a website as benign or malicious. If malicious, the model will classify the role it plays (phishing, spam, malware hosting, etc.). We proposed 77 features and created a dataset of 441,701 samples spanning 9 website classifications to train our model. We grouped the proposed features into feature subsets based on the time and resources required to compute these features and the performance changes with the inclusion of each subset to the model. We found that the performance of the best performing model increased as more feature subsets were introduced. In the end, our best performing model was able to classify websites into 1 of 9 classifications with a 95.89\% accuracy score. We then investigated how well the features we proposed ranked in importance and detail the top 10 most relevant features according to our models. 2 of our URL embedding features were found to be the most relevant by our best performing model, with content-based features representing half of the top 10 spots. The rest of the list was populated with singular features from different feature categories including: a host feature, a robots.txt feature, a lexical feature, and a passive domain name system feature.

</details>

<details>

<summary>2024-09-12 10:45:45 - Mobile App Security Trends and Topics: An Examination of Questions From Stack Overflow</summary>

- *Timothy Huo, Ana Catarina Araújo, Jake Imanaka, Anthony Peruma, Rick Kazman*

- `2409.07926v1` - [abs](http://arxiv.org/abs/2409.07926v1) - [pdf](http://arxiv.org/pdf/2409.07926v1)

> The widespread use of smartphones and tablets has made society heavily reliant on mobile applications (apps) for accessing various resources and services. These apps often handle sensitive personal, financial, and health data, making app security a critical concern for developers. While there is extensive research on software security topics like malware and vulnerabilities, less is known about the practical security challenges mobile app developers face and the guidance they seek. \rev{In this study, we mine Stack Overflow for questions on mobile app security, which we analyze using quantitative and qualitative techniques.} The findings reveal that Stack Overflow is a major resource for developers seeking help with mobile app security, especially for Android apps, and identifies seven main categories of security questions: Secured Communications, Database, App Distribution Service, Encryption, Permissions, File-Specific, and General Security. Insights from this research can inform the development of tools, techniques, and resources by the research and vendor community to better support developers in securing their mobile apps.

</details>
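
Review bot: the abstract added for `2409.07926v1` still contains the author's LaTeX revision macro, `\rev{In this study, we mine Stack Overflow ...}`, which Markdown will render literally with the backslash and braces. The generator should strip such macros (keeping the inner text) before writing the entry. The same applies to the LaTeX escape in `95.89\%` in the `2409.07608v1` abstract, which should be normalised to a plain `%` so the stored text does not depend on the renderer's escape handling. Separately, all three entries link to `http://arxiv.org/abs/...` and `http://arxiv.org/pdf/...`; emitting `https://` links would avoid a plaintext hop for readers following them.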
