{"id":"https://openalex.org/W4417081452","doi":"https://doi.org/10.1109/icmla66185.2025.00029","title":"BEACON: Behavioral Malware Classification with Large Language Model Embeddings and Deep Learning","display_name":"BEACON: Behavioral Malware Classification with Large Language Model Embeddings and Deep Learning","publication_year":2025,"publication_date":"2025-12-03","ids":{"openalex":"https://openalex.org/W4417081452","doi":"https://doi.org/10.1109/icmla66185.2025.00029"},"language":"en","primary_location":{"id":"doi:10.1109/icmla66185.2025.00029","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icmla66185.2025.00029","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Conference on Machine Learning and Applications (ICMLA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2509.14519","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5084213893","display_name":"Wadduwage Shanika Perera","orcid":"https://orcid.org/0009-0007-6123-1805"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Wadduwage Shanika Perera","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX,USA,77341"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX,USA,77341","institution_ids":["https://openalex.org/I191429286"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5023215661","display_name":"Haodi Jiang","orcid":"https://orcid.org/0000-0001-6460-408X"},"institutions":[{"id":"https://openalex.org/I191429286","display_name":"Sam Houston State University","ror":"https://ror.org/00yh3cz06","country_code":"US","type":"education","lineage":["https://openalex.org/I191429286"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haodi Jiang","raw_affiliation_strings":["Sam Houston State University,Department of Computer Science,Huntsville,TX,USA,77341"],"affiliations":[{"raw_affiliation_string":"Sam Houston State University,Department of Computer Science,Huntsville,TX,USA,77341","institution_ids":["https://openalex.org/I191429286"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5084213893"],"corresponding_institution_ids":["https://openalex.org/I191429286"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.4631217,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"176","last_page":"183"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9926000237464905,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9926000237464905,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.0007999999797903001,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.0007999999797903001,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8644999861717224},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.7297999858856201},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.6883000135421753},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.5062000155448914},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.413100004196167},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4034999907016754},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.31869998574256897},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.31279999017715454}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8644999861717224},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8118000030517578},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.7297999858856201},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.6883000135421753},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6825000047683716},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5117999911308289},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.5062000155448914},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.413100004196167},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4034999907016754},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.3723999857902527},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.31869998574256897},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.31279999017715454},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29789999127388},{"id":"https://openalex.org/C2989277270","wikidata":"https://www.wikidata.org/wiki/Q168338","display_name":"Behavioral analysis","level":2,"score":0.2976999878883362},{"id":"https://openalex.org/C195324797","wikidata":"https://www.wikidata.org/wiki/Q33742","display_name":"Natural language","level":2,"score":0.2957000136375427},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.2840999960899353},{"id":"https://openalex.org/C59404180","wikidata":"https://www.wikidata.org/wiki/Q17013334","display_name":"Feature learning","level":2,"score":0.27630001306533813},{"id":"https://openalex.org/C78639753","wikidata":"https://www.wikidata.org/wiki/Q3318160","display_name":"Behavioral modeling","level":2,"score":0.2709999978542328},{"id":"https://openalex.org/C2780967490","wikidata":"https://www.wikidata.org/wiki/Q1291200","display_name":"Mobile malware","level":3,"score":0.26899999380111694},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.2619999945163727},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.2551000118255615}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/icmla66185.2025.00029","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icmla66185.2025.00029","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Conference on Machine Learning and Applications (ICMLA)","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2509.14519","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.14519","pdf_url":"https://arxiv.org/pdf/2509.14519","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2509.14519","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2509.14519","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2509.14519","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.14519","pdf_url":"https://arxiv.org/pdf/2509.14519","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Malware":[0],"is":[1],"becoming":[2],"increasingly":[3],"complex":[4],"and":[5,14,33,50,84,90,125],"widespread,":[6],"making":[7],"it":[8],"essential":[9],"to":[10,23,70],"develop":[11],"more":[12,48],"effective":[13],"timely":[15],"detection":[16],"methods.":[17],"Traditional":[18],"static":[19],"analysis":[20],"often":[21],"fails":[22],"defend":[24],"against":[25],"modern":[26],"threats":[27],"that":[28,64],"employ":[29],"code":[30],"obfuscation,":[31],"polymorphism,":[32],"other":[34],"evasion":[35],"techniques.":[36],"In":[37,53],"contrast,":[38],"behavioral":[39,123],"malware":[40,103,133],"detection,":[41],"which":[42],"monitors":[43],"runtime":[44],"activities,":[45],"provides":[46],"a":[47,59,94],"reliable":[49],"context-aware":[51],"solution.":[52],"this":[54],"work,":[55],"we":[56],"propose":[57],"BEACON,":[58],"novel":[60],"deep":[61],"learning":[62],"framework":[63,113],"leverages":[65],"large":[66],"language":[67],"models":[68],"(LLMs)":[69],"generate":[71],"dense,":[72],"contextual":[73],"embeddings":[74,81,124],"from":[75],"raw":[76],"sandbox-generated":[77],"behavior":[78],"reports.":[79],"These":[80],"capture":[82],"semantic":[83],"structural":[85],"patterns":[86],"of":[87,121,129],"each":[88],"sample":[89],"are":[91],"processed":[92],"by":[93],"one-dimensional":[95],"convolutional":[96],"neural":[97],"network":[98],"(1D":[99],"CNN)":[100],"for":[101,131],"multi-class":[102],"classification.":[104,134],"Evaluated":[105],"on":[106],"the":[107,119,126],"Avast-CTU":[108],"Public":[109],"CAPE":[110],"Dataset,":[111],"our":[112],"consistently":[114],"outperforms":[115],"existing":[116],"methods,":[117],"highlighting":[118],"effectiveness":[120],"LLM-based":[122],"overall":[127],"design":[128],"BEACON":[130],"robust":[132]},"counts_by_year":[],"updated_date":"2026-04-09T06:08:40.794217","created_date":"2025-10-10T00:00:00"}