Assessing the Static Malware Analysis Capabilities of Large Language Models
摘要
Recent advancements in artificial intelligence, particularly large language models, have shown exceptional growth trajectories, exceeding all prior expectations and benchmarks across a variety of domains, including humanities, mathematics, computer science and others. Their fast evolution has enabled widespread adoption for usage in both regular applications and complex problem-solving scenarios. Within computer science, these systems have been hailed as the next evolutionary step, demonstrating efficiency in low to moderate difficulty tasks, and sometimes even advanced ones. Thanks to these results, it led to workforce displacements in certain sectors. However, their capabilities remain inadequately evaluated in high-complexity contexts, specifically within the cybersecurity ecosystem. This study aims to examine the performance of three prominent large language models in the domain of malware analysis. The methodology only tests static malware analysis, by virtue of a custom file parser designed to extract extensive metadata, in conjunction with data extracted from industry standard tools. All the data is then fed into the selected AI systems to evaluate their performance and efficacy in this context. The AIs demonstrated below average results in this analysis. The results corroborated some of the previous research and also uncovered new limitations for their appliances in the security ecosystem.