With the rapid development of network technologies, the threat posed by malicious software has become increasingly complex and diverse, evolving from traditional viruses and worms to sophisticated ransomware, advanced persistent threats (APTs), and supply chain attacks. Traditional malware detection methods, such as signature-based detection and traditional machine learning techniques, face significant challenges in addressing the polymorphism and obfuscation of modern malware. Recent advances in generative artificial intelligence (GAI), particularly large language models (LLMs) like GPT-4 and CodeBERT, offer new opportunities for malware detection. GAI leverages self-supervised pretraining to understand code syntax and semantics, enabling automated feature extraction and high-level semantic pattern recognition from raw code. By analyzing the structure and behavior of malicious code, GAI can detect hidden threats, predict attack trends, and process complex multimodal data. This paper provides a comprehensive overview of the current challenges in malware detection, including issues with data imbalance, adversarial attacks, and the high cost of expert-labeled samples. It also explores how GAI-powered LLMs enhance static and dynamic analysis, enable multimodal detection, and improve explainability in malware analysis. By summarizing the contributions of GAI in this field, this paper highlights its transformative potential for malware detection methodologies and addresses future research directions.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Survey on Malware Analysis with Large Language Models

  • Wenjie Guo,
  • Haoyuan Wen,
  • Lingming Kong,
  • Jingfeng Xue,
  • Jingjing Hu,
  • Weijie Han,
  • Yong Wang

摘要

With the rapid development of network technologies, the threat posed by malicious software has become increasingly complex and diverse, evolving from traditional viruses and worms to sophisticated ransomware, advanced persistent threats (APTs), and supply chain attacks. Traditional malware detection methods, such as signature-based detection and traditional machine learning techniques, face significant challenges in addressing the polymorphism and obfuscation of modern malware. Recent advances in generative artificial intelligence (GAI), particularly large language models (LLMs) like GPT-4 and CodeBERT, offer new opportunities for malware detection. GAI leverages self-supervised pretraining to understand code syntax and semantics, enabling automated feature extraction and high-level semantic pattern recognition from raw code. By analyzing the structure and behavior of malicious code, GAI can detect hidden threats, predict attack trends, and process complex multimodal data. This paper provides a comprehensive overview of the current challenges in malware detection, including issues with data imbalance, adversarial attacks, and the high cost of expert-labeled samples. It also explores how GAI-powered LLMs enhance static and dynamic analysis, enable multimodal detection, and improve explainability in malware analysis. By summarizing the contributions of GAI in this field, this paper highlights its transformative potential for malware detection methodologies and addresses future research directions.