Explainable Artificial Intelligence (XAI) for Malware Analysis: A Survey   of Techniques, Applications, and Open Challenges

Harikha Manthena; Shaghayegh Shajarian; Jeffrey Kimmell; Mahmoud; Abdelsalam; Sajad Khorsandroo; and Maanak Gupta

arXiv:2409.13723·cs.CR·April 9, 2025

Explainable Artificial Intelligence (XAI) for Malware Analysis: A Survey of Techniques, Applications, and Open Challenges

Harikha Manthena, Shaghayegh Shajarian, Jeffrey Kimmell, Mahmoud, Abdelsalam, Sajad Khorsandroo, and Maanak Gupta

PDF

Open Access

TL;DR

This survey reviews current explainable AI techniques applied to malware analysis, emphasizing the importance of interpretability in cybersecurity, discussing existing methods, challenges, and future research directions.

Contribution

It provides a comprehensive overview of XAI methods in malware detection, highlighting open challenges and recent advancements in making models more interpretable.

Findings

01

XAI enhances malware detection interpretability

02

Existing frameworks face challenges in complex malware scenarios

03

Open research directions include improving explanation fidelity

Abstract

Machine learning (ML) has rapidly advanced in recent years, revolutionizing fields such as finance, medicine, and cybersecurity. In malware detection, ML-based approaches have demonstrated high accuracy; however, their lack of transparency poses a significant challenge. Traditional black-box models often fail to provide interpretable justifications for their predictions, limiting their adoption in security-critical environments where understanding the reasoning behind a detection is essential for threat mitigation and response. Explainable AI (XAI) addresses this gap by enhancing model interpretability while maintaining strong detection capabilities. This survey presents a comprehensive review of state-of-the-art ML techniques for malware analysis, with a specific focus on explainability methods. We examine existing XAI frameworks, their application in malware classification and…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdvanced Malware Detection Techniques · Network Security and Intrusion Detection · Digital and Cyber Forensics

MethodsFocus