Faculty of Mathematics, Physics
and Informatics
Comenius University Bratislava

Doctoral colloquium - Monday Onoja (3.3.2025)

Monday 3.3.2025 at 13:10, Lecture room I/9


26. 02. 2025 16.18
By: Damas Gruska

Monday Onoja:
Leveraging Ontology-Based Knowledge Representation For Explainable Malware Detection


Abstract:

Malware, short for malicious code, is continuously posing an increasing number of threats in today’s interconnected world. In order to sufficiently represent malware behaviour for effective malware detection and to derive interpretations for the decisions of machine learning models, malware researchers and cyber security experts are now delving into the application of ontology-based techniques in the malware domain. While leveraging ontology also holds the potential of enhancing explainability, most efforts in the literature are focused on static malware ontology, cover limited features in expressing the actual malware intent, or do not adhere to any standard language for characterizing malware attributes. In this work, we propose a more comprehensive and integrated malware ontology, covering both static and dynamic (hybrid) malware attributes, which will capture more actions, artifacts and threat patterns sufficient for effective malware detection. Additionally, we propose a vocabulary formalization that is based on established standard languages for malware attribute representation, specifically combining the MAEC, STIX and MITRE standards.
