Academic
AI
MalwarePT: A Robust Binary-Level Foundation Model for Malware Analysis
In our paper, “MalwarePT: A Robust Binary-Level Foundation Model for Malware Analysis,” we introduce MalwarePT, a novel foundation model designed to enhance malware analysis by addressing key limitations of existing machine learning (ML) approaches.
Saastha Vasan, Yuzhou Nie, Kaie Chen, Yigitcan Kaya, Hojjat Aghakhani, Wenbo Guo, Christopher Kruegel, Giovanni Vigna
DeepCapa: Identifying Malicious Capabilities in Windows Malware
DeepCapa is an automated post-detection framework that identifies potentially malicious capabilities in malware and maps them to the code that implements these capabilities. It proposes a novel feature engineering approach that statically extracts API-call sequences from multiple memory snapshots taken during a sample’s dynamic execution. This approach allows for more comprehensive code coverage and effectively counters anti-sandbox techniques. DeepCapa also proposes a neural network architecture that not only accurately detects capabilities but also provides interpretable detections.
Saastha Vasan, Hojjat Aghakhani, Stefano Ortolani, Roman Vasilenko, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna