A Bayesian Model Combination-based approach to Active Malware Analysis

Abhilash Hota; Jurgen Schonwalder

arXiv:2212.04781·cs.CR·December 12, 2022

A Bayesian Model Combination-based approach to Active Malware Analysis

Abhilash Hota, Jurgen Schonwalder

PDF

TL;DR

This paper introduces a Bayesian Model Combination approach to improve the efficiency and performance of Active Malware Analysis by modeling it as a Bayes-Active Markov Decision Process.

Contribution

It presents a novel Bayesian Model Combination method for training malware analyzers, enhancing decision-making in active malware analysis tasks.

Findings

01

Improved performance over existing Bayesian methods

02

More efficient action selection in malware analysis

03

Effective modeling of malware behavior through Bayesian approaches

Abstract

Active Malware Analysis involves modeling malware behavior by executing actions to trigger responses and explore multiple execution paths. One of the aims is making the action selection more efficient. This paper treats Active Malware Analysis as a Bayes-Active Markov Decision Process and uses a Bayesian Model Combination approach to train an analyzer agent. We show an improvement in performance against other Bayesian and stochastic approaches to Active Malware Analysis.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.