The paper proposes a model-agnostic framework to evaluate combining Active Learning (AL) and Semi-Supervised Learning (SSL) techniques for malware detection, demonstrating that these combined methods…

The paper introduces Trident, a novel malware detection system that combines static features, LLM-derived behavioral rules, and direct LLM analysis to achieve superior robustness against concept drift…

The paper proposes a cost-aware, adaptive maintenance framework using Reinforcement Learning (RL) and self-supervised learning to mitigate performance degradation (concept drift) in Android malware de…

This study longitudinally evaluates the adversarial robustness of Android malware detection systems over a decade, finding that temporal separation significantly degrades robustness due to concept dri…

The paper demonstrates that static malware classifiers often rely on superficial artifacts like packing and metadata rather than true malicious semantics, using the TRUSTEE interpretability tool to di…

The paper proposes a zero-label malware family classification framework that uses a weighted hierarchical ensemble of large language models (LLMs) to classify malware without requiring labeled trainin…

This paper demonstrates that YARA rules, even when stripped of metadata, contain enough stylistic information to accurately infer the original source repository, author, and even the malware family.

The paper proposes SEED, a novel semantic-structure-agnostic semi-supervised continual learning method that significantly improves malware detection performance under limited labeling by leveraging re…

The paper proposes a novel method to generate adversarial malware samples that evade deep learning detectors while simultaneously minimizing the detectable 'drift' signals, showing that similarity con…

This paper provides the first longitudinal analysis of log-based detection rule evolution in public repositories, finding that rule changes reflect ongoing operational trade-offs rather than steady co…

The paper proposes a universal robustification framework to enhance drift-adaptive malware detectors against combined concept drift and adversarial attacks, significantly reducing attack success rates…

The paper introduces McNdroid, a large longitudinal multimodal benchmark for Android malware, demonstrating that temporal drift significantly degrades detection performance, which is best mitigated by…

This paper proposes a hybrid feature fusion and voting-based approach for automated malware detection and classification into specific malware families, achieving high performance metrics like an AUC…

The paper constructs a large, adversarial malware dataset from real-world binaries, demonstrating high evasion rates and showing that even small amounts of poisoned data can severely compromise malwar…

AsmRAG is a novel framework that improves malware detection by treating it as an evidence-based retrieval task using a code-specialized LLM, achieving high accuracy while providing transparent forensi…

This paper introduces a novel malware detection system for macOS by utilizing domain-specific static features, achieving state-of-the-art performance and demonstrating strong generalization capabiliti…

MalwarePT introduces a novel binary-level foundation model, pretrained on Windows PE code-section bytes using a ModernBERT-style encoder, demonstrating superior transfer learning capabilities across v…

The paper introduces TUANDROMD-X, a novel, high-quality, static analysis dataset that incorporates both visual and entropy-based features to enhance the detection and classification of advanced malwar…

The paper introduces a high-precision APT malware attribution method that uses ranked binary classifiers with explicit abstention, significantly improving accuracy when encountering unknown or out-of-…

eDySec introduces a deep learning framework for dynamic behavioral analysis that significantly improves the detection of malicious software packages in the PyPI ecosystem by enhancing stability and ex…