Awesome-Malware-Related-Papers


A curated list of malware-related papers.

Contents:

1. Detection Papers

1. Android

  1. Hey, You, Get off of My Market: Detecting Malicious Apps in Official and Alternative Android Market. NDSS 2012. Permission Footprinting for known malware, Heuristic-based detection engine for unknown malware [pdf]

  2. RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. MobiSys 2012. Two-order risk analysis engine based on Android behavior [pdf]

  3. Dissecting Android Malware: Characterization and Evolution. IEEE S&P 2012. Measurement Study of Android [pdf] [dataset (not available now)]

  4. Using Probabilistic Generative Models for Ranking Risks of Android Apps. CCS 2012. Probabilistic Method with permission information [pdf]

  5. DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. NDSS 2014. Static feature groups from manifest and disassembled code, SVM [pdf] [dataset]

  6. Apposcopy: Semantics-Based Detection of Android Malware through Static Analysis. FSE 2014. Semantic-based features to detect a specific malware family that steals private user information [pdf]

  7. DroidMiner: Automated Mining and Characterization of Fine-grained Malicious Behaviors in Android Applications. ESORICS 2014. Detection by extracting the malware modalities [pdf]

  8. Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection, and Classification. ISSTA 2016. Detection by capturing the semantic information [pdf]

  9. MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models. NDSS 2017. Behavior Model, Sequence of abstract API calls, Markov Chain [pdf]

  10. Transcend: Detecting Concept Drift in Malware Classification Models. USENIX Security 2017. Conformal Evaluator for OOD [pdf] [code]

  11. Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection. TDSC 2017. A variant of the SVM algorithm for resisting obfuscation-based attacks [pdf]

  12. Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware. TOSEM 2017. Detection by using Android-API usage for lightweight [pdf]

  13. DeepRefiner: Multi-layer Android Malware Detection System Applying Deep Neural Networks. Euro S&P 2018. code to vec for detection [pdf]

  14. Coevolution of Mobile Malware and Anti-Malware. TIFS 2018. Coevolution with android malware and anti-malware [pdf]

  15. TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time. USENIX 2019. New metric to evaluate classification performance over time [pdf] [code]

  16. A Multimodal Deep Learning Method for Android Malware Detection Using Various Features. TIFS 2019. Use opcode sequence to detect Malware [pdf]

  17. AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families. AsiaCCS 2019. Use API call graph to detect Malware [pdf]

  18. Android Malware Detection via (Somewhat) Robust Irreversible Feature Transformations. TIFS 2020. Detect Malware using feature fusion [pdf]

  19. SDAC: A Slow-Aging Solution for Android Malware Detection Using Semantic Distance Based API Clustering. TDSC 2020. Mitigate model aging by API clustering [pdf]

  20. Byte-level malware classification based on markov images and deep learning. Computers & Security 2020. Use markov image to detect malware [pdf]

  21. Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware. CCS 2020. Use API Relation to detect Malware [pdf]

  22. VAHunt: Warding Off New Repackaged Android Malware in App-Virtualization’s Clothing. CCS 2020. App Virtualization malware detection [pdf]

  23. Why an Android App Is Classified as Malware: Toward Malware Classification Interpretation. TOSEM 2021. Interpreting malware detection algorithms [pdf]

  24. SpecView: Malware Spectrum Visualization Framework With Singular Spectrum Transformation. TIFS 2021. Detection using spectrum [pdf]

  25. An Inside Look into the Practice of Malware Analysis. CCS 2021. Measurement of malware analysis in practice [pdf]

  26. Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection. NDSS 2021. Detect noisy labels [pdf]

  27. CADE: Detecting and Explaining Concept Drift Samples for Security Applications. USENIX Security 2021. OOD Detection [pdf] [code]

  28. Can We Leverage Predictive Uncertainty to Detect Dataset Shift and Adversarial Examples in Android Malware Detection?. ACSAC 2021. Predictive uncertainty is useful for dataset shift but useless for adversarial attacks [pdf]

  29. Transcending TRANSCEND: Revisiting Malware Classification in the Presence of Concept Drift. IEEE S&P 2022. OOD detection [pdf] [code]

2. Windows

  1. Malware Detection by Eating a Whole EXE. AAAI WS 2018. Detection using raw bytes [pdf]

  2. Activation Analysis of a Byte-Based Deep Neural Network for Malware Classification. AAAI WS 2018. Detection using raw bytes [pdf]

  3. Towards Paving the Way for Large-Scale Windows Malware Analysis: Generic Binary Unpacking with Orders-of-Magnitude Performance Boost. IEEE S&P WS 2019. Detection using raw bytes [pdf]

  4. Enhancing Robustness of Malware Detection using Synthetically-adversarial Samples. GLOBECOM 2020. Adversarial training to enhance detection [pdf]

  5. Learning from Context: A Multi-View Deep Learning Architecture for Malware Detection. IEEE S&P WS 2020. Detection with filepath [pdf]

  6. When Malware is Packin’ Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features. NDSS 2020. ML classifier ability for packed malware [pdf]

  7. You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis. NDSS 2020. Detect Parasitic Malware [pdf]

  8. Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land. IEEE S&P 2021. Analysis of living-off-the-land malware [pdf]

  9. I-MAD: Interpretable Malware Detector Using Galaxy Transformer. Computers & Security 2021. Detecting malware using transformers [pdf]

  10. Does Every Second Count? Time-based Evolution of Malware Behavior in Sandboxes. NDSS 2021. Time for dynamic analysis [pdf]

  11. Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem. NDSS 2022. Determine executables packing [pdf]

  12. CruParamer: Learning on Parameter-Augmented API Sequences for Malware Detection. TIFS 2022. Detection using API sequences [pdf]

  13. MalGraph: Hierarchical Graph Neural Networks for Robust Windows Malware Detection. INFOCOM 2022. Detection Using GNN [pdf]

3. Linux

  1. Understanding Linux Malware. IEEE S&P 2018. Static and dynamic analysis of Linux malware [pdf]

4. PDF

  1. On Training Robust PDF Malware Classifiers. USENIX Security 2020. Robustness Certification [pdf]

2. Adversarial Attack Papers

1. Android

1. Evasion Attack

  1. DroidChameleon: Evaluating Android Anti-malware against Transformation Attacks. ASIA CCS 2013. Code Transformation techniques to generate malware [pdf]

  2. Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks. TIFS 2014. Evaluate DroidChameleon in AV Engines [pdf]

  3. Adversarial Examples for Malware Detection. ESORICS 2017. Perturbed AndroidManifest File [pdf]

  4. Malware Detection in Adversarial Settings: Exploiting Feature Evolutions and Confusions in Android Apps. ACSAC 2017. Perturbed malware using program transplant [pdf]

  5. Adversarial-Example Attacks Toward Android Malware Detection System. IEEE SYSTEMS JOURNAL 2020. Adversarial attack using GAN, but does not mention the problem space [pdf]

  6. Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection. TIFS 2020. Adversarial attack on Android, ensemble [pdf] [code]

  7. Intriguing Properties of Adversarial ML Attacks in the Problem Space. IEEE S&P 2020. Adversarial Attack for drebin [pdf] [code]

  8. Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection. TIFS 2020. White-box C&W repackage attack [pdf]

  9. ShadowDroid: Practical Black-box Attack against ML-based Android Malware Detection. IEEE ICAPDS 2021. Transfer attack to malware detector [pdf]

  10. Robustness of Image-based Android Malware Detection Under Adversarial Attacks. IEEE ICC 2021. Attack visual-based features by adding benign components [pdf]

  11. Structural Attack against Graph Based Android Malware Detection. ACM CCS 2021. Adversarial attack on graph-based malware detection [pdf]

2. Poisoning Attack

  1. Automated Poisoning Attacks and Defenses in Malware Detection Systems: An Adversarial Machine Learning Approach. Computers & Security 2018. Poisoning attack in android [pdf]

  2. Explanation-Guided Backdoor Poisoning Attacks Against Malware Classifiers. USENIX Security 2021. Backdoor attack in android [pdf]

  3. Backdoor Attack on Machine Learning Based Android Malware Detectors. TDSC 2021. Backdoor attack in android [pdf]

  4. Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers. Arxiv 2022. Backdoor attack with the targeted family [pdf]

  5. Measuring Vulnerabilities of Malware Detectors with Explainability-Guided Evasion Attacks. Arxiv 2022. Explainable-guided adversarial attack [pdf]

2. Windows

1. Evasion Attack

  1. Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN. Arxiv 2017. Generate AE using GAN [pdf]

  2. Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers. ACSAC 2020. Black-box adversarial attack on Windows API sequence-based classification methods. Injecting many API sequences and removing them [pdf]

  3. MAB-Malware: A Reinforcement Learning Framework for Attacking Static Malware Classifiers. Arxiv 2021. Reinforcement Learning [pdf]

3. PDF

1. Evasion Attack

  1. Evading Classifiers by Morphing in the Dark. ACM CCS 2017. Morpher and search to generate adversarial PDF [pdf]

4. Source Code Attribution

1. Evasion Attack

  1. Misleading Authorship Attribution of Source Code using Adversarial Learning. USENIX Security 2019. Adversarial attack in source code, MCST [pdf] [code]

  2. A Practical Black-box Attack on Source Code Authorship Identification Classifiers. TIFS 2021. Transfer attack for code identification [pdf]

3. Adversarial Defense Papers

1. Android

1. Adversarial Defense

  1. Selective Adversarial Learning for Mobile Malware. IEEE TrustCom 2019. Simple Adversarial Defense [pdf]

  2. Effectiveness of Adversarial Examples and Defenses for Malware Classification. ICSPCS 2019. Distillation, Ensemble, Adversarial Training [pdf]

  3. Robust Android Malware Detection against Adversarial Example Attacks. WWW 2021. Use VAE to distinguish the adversarial malware [pdf]

  4. A Framework for Enhancing Deep Neural Networks Against Adversarial Malware. TNSE 2021. Use AE to get robust feature embedding [pdf]

  5. Robust Android Malware Detection System Against Adversarial Attacks Using Q-Learning. NDSS Poster 2021. Q-Learning for adversarial attack and retraining for defense [pdf]

2. Poisoning Defense

  1. On Defending Against Label Flipping Attacks on Malware Detection Systems. Neural Computing and Applications 2020. Detect poisoned samples by label prediction [pdf]

2. IoT

1. Adversarial Defense

  1. Adversarial android malware detection for mobile multimedia applications in IoT environments. Multimedia Tools and Applications 2020. Robust Neural Network [pdf]

4. Misc Papers

  1. Toward Systematically Exploring Antivirus Engines. DIMVA 2018. Infer AV components [pdf]

  2. Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines. USENIX Security 2020. Label dynamics in VirusTotal [pdf]

  3. Debiasing Android Malware Datasets: How Can I Trust Your Results If Your Dataset Is Biased?. TIFS 2022. Debias Dataset [pdf]

  4. Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks. ACM AsiaCCS 2017. Inferring the signature of AVs [pdf]

5. Survey Papers

  1. Android Security: A Survey of Issues, Malware Penetration, and Defenses. IEEE Communications Surveys & Tutorials 2015. [pdf]

  2. Arms Race in Adversarial Malware Detection: A Survey. ACM Computing Surveys 2021. [pdf]

  3. Deep Learning for Android Malware Defenses: a Systematic Literature Review. ACM Computing Surveys 2022. [pdf]

  4. MalRadar: Demystifying Android Malware in the New Era. ACM Meas. Anal. Computing Surveys 2022. [pdf]

Contributing

This list is mainly maintained by Ping He from NESA Lab.

We very much welcome contributions to this repository!

Markdown format

**Paper Name**. Conference Year. `Keywords` [[pdf](pdf_link)] [[code](code_link)] [[dataset](dataset_link)]

Licenses

CC0

To the extent possible under law, gnipping has waived all copyright and related or neighboring rights to this repository.