Semantic embeddings for program behavior patterns
Alexander Chistyakov, Ekaterina Lobacheva, Arseny Kuznetsov, Alexey Romanenko

TL;DR
This paper introduces a novel feature extraction method using semantic embeddings of program behavior patterns, improving malicious software detection by capturing interpretable structures in execution logs.
Contribution
It presents a new technique combining pattern extraction from behavior graphs with autoencoder-based embeddings, enhancing malware detection capabilities.
Findings
Embedding space captures interpretable structures
Improved detection accuracy on real-world malware data
Effective extraction of complex behavior patterns
Abstract
In this paper, we propose a new feature extraction technique for program execution logs. First, we automatically extract complex patterns from a program's behavior graph. Then, we embed these patterns into a continuous space by training an autoencoder. We evaluate the proposed features on a real-world malicious software detection task. We also find that the embedding space captures interpretable structures in the space of pattern parts.
Taxonomy
Topics: Advanced Malware Detection Techniques · Software Engineering Research · Network Security and Intrusion Detection
