-
-
-
- 
- Yi-Hsien Chen
- National Taiwan University
-
-
- Guided Malware Sample Analysis Based on Graph Neural Networks
- Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and
-easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
- Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
-
-
-
-
-
@@ -223,6 +206,31 @@ Past Seminars
+ -
+
+ Guided Malware Sample Analysis Based on Graph Neural Networks, Monday, October 30th, 2023, by Yi-Hsien Chen from NTU
+
+
+
+
+
+
+
+
Yi-Hsien Chen
+ National Taiwan University
+
+
+ Guided Malware Sample Analysis Based on Graph Neural Networks
+ Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and
+easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
+ Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
+
+
+
+
+
+
+
-
Rete: Learning Namespace Representation for Program Repair, Monday, October 9th, 2023, by Nikhil Parasaram from UCL
@@ -232,7 +240,7 @@
Past Seminars
- 
+
Nikhil Parasaram
University College London
@@ -246,6 +254,7 @@ Rete: Learning Namespace Representation for Program Repair
+
- Yi-Hsien Chen
-National Taiwan University
-Guided Malware Sample Analysis Based on Graph Neural Networks
-Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and -easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
-Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
-
@@ -223,6 +206,31 @@ Past Seminars
+ -
+
+ Guided Malware Sample Analysis Based on Graph Neural Networks, Monday, October 30th, 2023, by Yi-Hsien Chen from NTU
+
+
+
+
+
+
+
+
Yi-Hsien Chen
+ National Taiwan University
+
+
+ Guided Malware Sample Analysis Based on Graph Neural Networks
+ Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and
+easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
+ Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
+
+
+
+
+
+
+
-
Rete: Learning Namespace Representation for Program Repair, Monday, October 9th, 2023, by Nikhil Parasaram from UCL
@@ -232,7 +240,7 @@
Past Seminars
-
+
Nikhil Parasaram
University College London
@@ -246,6 +254,7 @@ Rete: Learning Namespace Representation for Program Repair
+
-
+
-
+ + Guided Malware Sample Analysis Based on Graph Neural Networks, Monday, October 30th, 2023, by Yi-Hsien Chen from NTU + ++ +++++++
+
Yi-Hsien Chen
+National Taiwan University
+++Guided Malware Sample Analysis Based on Graph Neural Networks
+Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and +easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
+Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
+
+
+
+
-
Rete: Learning Namespace Representation for Program Repair, Monday, October 9th, 2023, by Nikhil Parasaram from UCL @@ -232,7 +240,7 @@
Past Seminars
+-@@ -246,6 +254,7 @@
+
Nikhil Parasaram
University College London
Rete: Learning Namespace Representation for Program Repair