Litcius/Paper detail

Malware Classification by Learning Semantic and Structural Features of Control Flow Graphs

Bolun Wu, Yuanhang Xu, Futai Zou

20212021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)24 citationsDOI

Abstract

Malware has become one of the biggest threats in the cyber world due to its ever-evolving nature. Machine learning-based methods rely on expertise in selecting handcrafted features which is time-consuming. Recent control flow graphs (CFGs) based method makes the best of graph neural network (GNN) on malware classification. But it ignores the semantic information inside CFGs and also relies on manually-designed features. To overcome these drawbacks, in this work, we introduce a malware classification model called MCBG that applies BERT and Graph Isomorphism Network with JumpingKnowledge (GIN-JK) to capture both semantic and structural features of CFGs. We conduct 5-fold cross-validation on Microsoft Malware Classification Challenge dataset to evaluate our model and it achieves an accuracy of 99.53%. The experimental results demonstrate that building semantic models on basic blocks is essential. Besides, MCBG outperforms the model which only considers CFG's structural information. Also, without using any manually-selected feature, it outperforms those of the state-of-the-art methods based on handcrafted malware features.

Topics & Concepts

MalwareComputer scienceArtificial intelligenceMachine learningControl flow graphFeature engineeringFeature (linguistics)GraphData miningDeep learningTheoretical computer scienceComputer securityPhilosophyLinguisticsAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSoftware Engineering Research
Malware Classification by Learning Semantic and Structural Features of Control Flow Graphs | Litcius