Doktorandské kolokvium KAI - Peter Anthony (17.4.2023)
v pondelok 17.4.2023 o 13:10 hod. v miestnosti I/9
Prednášajúci: Peter Anthony
Názov: An Improved Classifier for Learning and Discriminating Malware Using Knowledge Base Embedding
Termín: 17.4.2023, 13:10 hod., I/9
Abstrakt:
Malware detection is a critical task in cybersecurity, and traditional signature-based approaches are often ineffective against new and evolving threats. Recent research has shown that machine learning models can improve the accuracy of malware classification. However, existing methods often suffer from poor generalization performance and lack of explainability making it difficult to understand how they arrived at their predictions. This can make it challenging for cybersecurity experts to assess the reliability of the model and identify false positives or false negatives. In this work, we aim at a novel approach that combines a graph-based representation of malware with a neural network classifier. Entities and relationships in a knowledge graph are projected into a low-dimensional space. The approach involves learning a vector representation for each entity and relationship in the knowledge base while preserving their semantic meaning, so as to accurately discriminate between malicious and benign software. Additionally, the resulting embeddings can be used to derive explanations for the predictions, giving cybersecurity experts insights into malware behavior and decision-making processes. Overall the goal is an approach that will present a valuable tool for malware detection and analysis in real-world settings, with accurate predictions and meaningful explanations.