Advancements in Malware Classification and Binary Analysis

The field of malware classification and binary analysis is evolving rapidly, with a focus on new techniques for detecting and classifying malware. Recent research has centered on improving the accuracy and efficiency of machine learning and deep learning models, particularly for detecting zero-day malware and Advanced Persistent Threats (APTs). Opcode sequences, dynamic binary instrumentation (DBI), and transformer models have shown promising results in identifying malicious behavior. There is also growing interest in scalable, parallelizable methods for feature extraction and model training that leverage GPU acceleration and parallel computing. Another line of research focuses on binary similarity identification and code verification, where tools such as ReGraph and frameworks such as IsaBIL provide efficient and flexible solutions. Noteworthy papers in this area include:

  • Zero Day Malware Detection with Alpha, which presents a framework for zero-day malware detection using transformer models and dynamic binary instrumentation.
  • ReGraph, a tool for binary similarity identification that is significantly faster than existing methods.
  • IsaBIL, a framework for verifying the (in)correctness of binaries in Isabelle/HOL, which provides a highly flexible proof environment for program binaries.

Sources

OpCode-Based Malware Classification Using Machine Learning and Deep Learning Techniques

Version-level Third-Party Library Detection in Android Applications via Class Structural Similarity

Zero Day Malware Detection with Alpha: Fast DBI with Transformer Models for Real World Application

Scalable APT Malware Classification via Parallel Feature Extraction and GPU-Accelerated Learning

ReGraph: A Tool for Binary Similarity Identification

IsaBIL: A Framework for Verifying (In)correctness of Binaries in Isabelle/HOL (Extended Version)
