This paper proposes a hybrid feature fusion and voting-based approach for automated malware detection and classification into specific malware families, achieving high performance metrics like an AUC…

This paper introduces a novel malware detection system for macOS by utilizing domain-specific static features, achieving state-of-the-art performance and demonstrating strong generalization capabiliti…

The paper proposes a framework to intentionally evade malware detectors by adding a small number of benign API imports, successfully demonstrating targeted misclassification into a chosen benign categ…

The paper proposes a certifiably robust malware detection framework using randomized smoothing and feature ablation to guarantee detection accuracy against metamorphic evasion attacks.

The paper proposes a model-agnostic framework to evaluate combining Active Learning (AL) and Semi-Supervised Learning (SSL) techniques for malware detection, demonstrating that these combined methods…

The paper introduces McNdroid, a large longitudinal multimodal benchmark for Android malware, demonstrating that temporal drift significantly degrades detection performance, which is best mitigated by…

This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…

The paper constructs a large, adversarial malware dataset from real-world binaries, demonstrating high evasion rates and showing that even small amounts of poisoned data can severely compromise malwar…

MalwarePT introduces a novel binary-level foundation model, pretrained on Windows PE code-section bytes using a ModernBERT-style encoder, demonstrating superior transfer learning capabilities across v…

This paper addresses the lack of research on adversarial malware generation for Linux ELF binaries by developing a new semantic-preserving generator that achieves a high evasion rate against modern de…

The paper proposes a zero-label malware family classification framework that uses a weighted hierarchical ensemble of large language models (LLMs) to classify malware without requiring labeled trainin…

The paper introduces the first byte-native Large Language Model (LLM) capable of analyzing raw executable binary data, achieving high accuracy in tasks like malware and architecture classification.

The paper proposes a novel method to generate adversarial malware samples that evade deep learning detectors while simultaneously minimizing the detectable 'drift' signals, showing that similarity con…

The paper demonstrates that static malware classifiers often rely on superficial artifacts like packing and metadata rather than true malicious semantics, using the TRUSTEE interpretability tool to di…

FreeMOCA is a memory- and compute-efficient continual learning framework that uses adaptive layer-wise interpolation in parameter space to prevent catastrophic forgetting when analyzing evolving malwa…

The paper introduces a high-precision APT malware attribution method that uses ranked binary classifiers with explicit abstention, significantly improving accuracy when encountering unknown or out-of-…

This paper quantifies the polymorphic capacity of a commercial LLM, demonstrating that it can cheaply generate large populations of structurally diverse, yet behaviorally equivalent, offensive code pa…

MimeLens is a novel, position-agnostic BERT-style encoder that accurately detects file types from arbitrary binary fragments, outperforming existing methods like Magika, especially on non-standard inp…

The paper proposes a universal robustification framework to enhance drift-adaptive malware detectors against combined concept drift and adversarial attacks, significantly reducing attack success rates…

The paper proposes a time-aware self-supervised learning framework using BYOL to improve Android malware detection robustness by accurately accounting for app release times.