The combination of memory forensics and deep learning for malware detection has achieved certain progress, but most existing methods convert process dump to images for classification, which is still based on process byte feature classification. After the malware is loaded into memory, the original byte features will change. Compared with byte features, function call features can represent the behaviors of malware more robustly. Therefore, this article proposes the ProcGCN model, a deep learning model based on DGCNN (Deep Graph Convolutional Neural Network), to detect malicious processes in memory images. First, the process dump is extracted from the whole system memory image; then, the Function Call Graph (FCG) of the process is extracted, and feature vectors for the function node in the FCG are generated based on the word bag model; finally, the FCG is input to the ProcGCN model for classification and detection. Using a public dataset for experiments, the ProcGCN model achieved an accuracy of 98.44% and an 1 score of 0.9828. It shows a better result than the existing deep learning methods based on static features, and its detection speed is faster, which demonstrates the effectiveness of the method based on function call features and graph representation learning in memory forensics.
Download full-text PDF |
Source |
|---|---|
| http://www.ncbi.nlm.nih.gov/pmc/articles/PMC11323106 | PMC |
| http://dx.doi.org/10.7717/peerj-cs.2193 | DOI Listing |
Publication Analysis
Top Keywords
Similar Publications
STMGraph: spatial-context-aware of transcriptomes via a dual-remasked dynamic graph attention model.
Brief Bioinform
November 2024
Center for Genomics and Biotechnology, Fujian Provincial Key Laboratory of Haixia Applied Plant Systems Biology, Haixia Institute of Science and Technology, Fujian Agriculture and Forestry University, No. 15 Shangxiadian Road, Cangshan District, Fuzhou 350002, China.
Spatial transcriptomics (ST) technologies enable dissecting the tissue architecture in spatial context. To perceive the global contextual information of gene expression patterns in tissue, the spatial dependence of cells must be fully considered by integrating both local and non-local features by means of spatial-context-aware. However, the current ST integration algorithm ignores for ST dropouts, which impedes the spatial-aware of ST features, resulting in challenges in the accuracy and robustness of microenvironmental heterogeneity detecting, spatial domain clustering, and batch-effects correction.
View Article and Find Full Text PDFArtificial Intelligence Predicts Multiclass Molecular Signatures and Subtypes Directly From Breast Cancer Histology: a Multicenter Retrospective Study.
Int J Surg
January 2025
Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen, China.
Detection of biomarkers of breast cancer incurs additional costs and tissue burden. We propose a deep learning-based algorithm (BBMIL) to predict classical biomarkers, immunotherapy-associated gene signatures, and prognosis-associated subtypes directly from hematoxylin and eosin stained histopathology images. BBMIL showed the best performance among comparative algorithms on the prediction of classical biomarkers, immunotherapy related gene signatures, and subtypes.
View Article and Find Full Text PDFAI predictive models and advancements in microdissection testicular sperm extraction for non-obstructive azoospermia: a systematic scoping review.
Hum Reprod Open
November 2024
Department of Medical Informatics, Faculty of Medicine, Mashhad University of Medical Sciences, Mashhad, Iran.
Study Question: How accurately can artificial intelligence (AI) models predict sperm retrieval in non-obstructive azoospermia (NOA) patients undergoing micro-testicular sperm extraction (m-TESE) surgery?
Summary Answer: AI predictive models hold significant promise in predicting successful sperm retrieval in NOA patients undergoing m-TESE, although limitations regarding variability of study designs, small sample sizes, and a lack of validation studies restrict the overall generalizability of studies in this area.
What Is Known Already: Previous studies have explored various predictors of successful sperm retrieval in m-TESE, including clinical and hormonal factors. However, no consistent predictive model has yet been established.
Detection of neurologic changes in critically ill infants using deep learning on video data: a retrospective single center cohort study.
EClinicalMedicine
December 2024
Department of Pediatrics, Icahn School of Medicine at Mount Sinai, New York, NY, USA.
Background: Infant alertness and neurologic changes can reflect life-threatening pathology but are assessed by physical exam, which can be intermittent and subjective. Reliable, continuous methods are needed. We hypothesized that our computer vision method to track movement, pose artificial intelligence (AI), could predict neurologic changes in the neonatal intensive care unit (NICU).
View Article and Find Full Text PDFComputer vision algorithms to help decision-making in cattle production.
Anim Front
December 2024
Department of Animal Science, Texas A&M University, College Station, TX 77843-2471, USA.
Want AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!