AppPoet: Large Language Model based Android malware detection via multi-view prompt engineering
Wenxiang Zhao, Juntao Wu, Zhaoyi Meng

TL;DR
AppPoet leverages large language models and multi-view prompt engineering to enhance Android malware detection accuracy, interpretability, and report readability by analyzing diverse application features and behaviors.
Contribution
The paper introduces a novel LLM-assisted multi-view system that improves malware detection and interpretability through prompt-guided semantic analysis and report generation.
Findings
Achieves 97.15% detection accuracy
F1 score of 97.21%, surpassing baselines
Generates human-readable diagnostic reports
Abstract
Due to the vast array of Android applications, their multifarious functions and intricate behavioral semantics, attackers can adopt various tactics to conceal their genuine attack intentions within legitimate functions. However, numerous learning-based methods suffer from a limitation in mining behavioral semantic information, thus impeding the accuracy and efficiency of Android malware detection. Besides, the majority of existing learning-based methods are weakly interpretive and fail to furnish researchers with effective and readable detection reports. Inspired by the success of the Large Language Models (LLMs) in natural language understanding, we propose AppPoet, an LLM-assisted multi-view system for Android malware detection. Firstly, AppPoet employs a static method to comprehensively collect application features and formulate various observation views. Then, using our carefully…
Taxonomy
Topics: Advanced Malware Detection Techniques · Network Security and Intrusion Detection · Mobile and Web Applications
