![]() ![]() In this attack, malicious Java applications leverage the real-time data map component to camouflage as benign and contain a payload to steal sensitive information.ĭespite receiving less attention from the research community compared to Android, Windows, or IoT (Internet of things) malware, Java malware causes great harm to the Java ecosystem. With everyone’s focus on COVID-19, attackers recently leverage the popular COVID-19 update maps to infect computers via Java malware silently. In consideration of cross-platform convenience, the JAR file aggregates all Java class files, resources, and associated metadata into one archive. These malware files are organized in JAR (Java Archive) compression format, which can run on any infected system with Java Runtime Environment (JRE). Recent research points out that Java malware is mainly spread via malicious attachments or phishing emails. ![]() MITRE’s CVE dataset recorded nearly 700 new Java vulnerabilities. Therefore, malicious programs, vulnerabilities and exploits in Java have become increasingly prevalent in the past few years. According to, 89% of Desktops, 3 billion mobile phones, and 97% of Enterprise Desktops in the USA run Java. Java, the most popular development language used in enterprise application, continues to be an attractive target for attackers. Experimental results on a public Java bytecode benchmark demonstrate that BejaGNN achieves high F1 98.8% and is superior to existing Java malware detection approaches, which verifies the promise of graph neural network in Java malware detection. Finally, BejaGNN builds a graph neural network classifier to determine the maliciousness of Java programs. Then, word embedding techniques are adopted to learn semantic representations for Java bytecode instructions. Specifically, BejaGNN leverages static analysis techniques to extract ICFGs (Inter-procedural Control Flow Graph) from Java program files and then prunes these ICFGs to remove noisy instructions. In this paper, we explore the direction of capturing malware semantic information by using graph learning algorithms and present BejaGNN (Behavior-based Java malware detection via Graph Neural Network), a novel behavior-based Java malware detection method using static analysis, word embedding technique, and graph neural network. Therefore, researchers turn to extracting abundant static features to implement efficient malware detection. The low code path coverage and poor execution efficiency of dynamic analysis limit the large-scale application of dynamic Java malware detection methods. Security researchers continuously propose various approaches for fighting against Java malware programs. In the past few years, language vulnerabilities exploited by Java malware have become increasingly prevalent, which cause threats for multi-platform. As a popular platform-independent language, Java is widely used in enterprise applications. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |