Tractable Executable Binary Provenance Signalling through Vision Transformers
dc.contributor.author | Nauman, Mohammad | |
dc.date.accessioned | 2024-05-12T05:53:16Z | |
dc.date.available | 2024-05-12T05:53:16Z | |
dc.date.issued | 2024-01-15 | |
dc.identifier.doi | https://doi.org/10.1109/LT60077.2024.10469044 | en_US |
dc.identifier.uri | http://hdl.handle.net/20.500.14131/1573 | |
dc.description.abstract | Provenance signaling involves tracing the source information of digital artifacts. It is a valuable intermediate output that greatly facilitates upstream tasks, including but not limited to malware analysis. Existing approaches to provenance signaling either rely on fully manual analysis or machine learning-based models that heavily depend on manually curated input features. This curation process requires the involvement of human experts, which is not only time-consuming but also infeasible on a large scale. In this paper, we present a novel model for provenance signaling that takes raw binaries as input and provides provenance signals with high efficacy. Our model is based on the state-of-the-art vision transformer architecture. We create a novel pipeline of efficiently encoding any binary into 2D sequences, capturing large-scale spatial relations hidden among binary opcodes. This allows our model to extract meaningful information about provenance without requiring the involvement of a human expert. Therefore, our work produces high-accuracy results and provides insights into the learning process, thus making the results more explainable. | en_US |
dc.subject | Security | en_US |
dc.subject | Transformers | en_US |
dc.subject | Provenance | en_US |
dc.title | Tractable Executable Binary Provenance Signalling through Vision Transformers | en_US |
refterms.dateFOA | 2024-05-12T05:53:18Z | |
dc.contributor.researcher | No Collaboration | en_US |
dc.contributor.lab | Artificial Intelligence & Cyber Security Lab | en_US |
dc.subject.KSA | CyberSecurity | en_US |
dc.contributor.ugstudent | 0 | en_US |
dc.contributor.alumnae | 0 | en_US |
dc.source.index | Scopus | en_US |
dc.contributor.department | Computer Science | en_US |
dc.contributor.pgstudent | 0 | en_US |
dc.contributor.firstauthor | Nauman, Mohammad |