Abstract
The cyber ecosystem is facing severe threats from malware attacks, making it imperative to detect malware to safeguard a purified Internet environment. However, current studies primarily concentrate on examining the time-based correlation between APIs for malware detection while neglecting the contextual associations derived from API categories, resulting in inadequate detection performance. In this paper, we present TS-Mal, a novel Malware detection model incorporated Temporal and Structural features learning. Particularly, TS-Mal first designs a temporal vector learning method to automatically capture the evolving representation from the non-repetitive API sequences, which can efficiently pursue the attack preferences of malware. Then TS-Mal introduces heterogeneous graphs to model the interactive relationships between APIs and presents a dense-interactive structural embedding approach to generate the fine-grained API structural representation, which is capable of utilizing API category interaction information to boost detection effectiveness. Finally, TS-Mal simultaneously integrates temporal and structural attack features to accurately identify the unknown malware, effectively defending against new malware attacks. Experimental results on real-world datasets demonstrate that our proposed TS-Mal model outperforms existing state-of-the-art methods.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.