{"id":"https://openalex.org/W4400409333","doi":"https://doi.org/10.1109/tdsc.2024.3418958","title":"MGAP3: Malware Group Attribution Based on PerceiverIO and Polytype Pre-Training","display_name":"MGAP3: Malware Group Attribution Based on PerceiverIO and Polytype Pre-Training","publication_year":2024,"publication_date":"2024-07-08","ids":{"openalex":"https://openalex.org/W4400409333","doi":"https://doi.org/10.1109/tdsc.2024.3418958"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2024.3418958","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3418958","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5011235038","display_name":"Yuxia Sun","orcid":"https://orcid.org/0000-0002-5959-0629"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yuxia Sun","raw_affiliation_strings":["College of Information Science and Technology, Guangdong Key Laboratory of Data Security and Privacy Preserving, Jinan University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Guangdong Key Laboratory of Data Security and Privacy Preserving, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102851397","display_name":"Shiqi Chen","orcid":"https://orcid.org/0009-0007-9513-4659"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shiqi Chen","raw_affiliation_strings":["College of Information Science and Technology, Jinan University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100567987","display_name":"Song Lin","orcid":null},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Song Lin","raw_affiliation_strings":["College of Information Science and Technology, Jinan University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114069894","display_name":"Aoxiang Sun","orcid":"https://orcid.org/0009-0000-1150-080X"},"institutions":[{"id":"https://openalex.org/I194450716","display_name":"Jilin University","ror":"https://ror.org/00js3aw79","country_code":"CN","type":"education","lineage":["https://openalex.org/I194450716"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Aoxiang Sun","raw_affiliation_strings":["College of Information and Computational Science, Jilin University, Changchun, China"],"affiliations":[{"raw_affiliation_string":"College of Information and Computational Science, Jilin University, Changchun, China","institution_ids":["https://openalex.org/I194450716"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020630479","display_name":"Saiqin Long","orcid":null},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Saiqin Long","raw_affiliation_strings":["College of Information Science and Technology, Jinan University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081827896","display_name":"Zhetao Li","orcid":"https://orcid.org/0000-0002-7804-0286"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhetao Li","raw_affiliation_strings":["College of Information Science and Technology, Jinan University, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Jinan University, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5011235038"],"corresponding_institution_ids":["https://openalex.org/I159948400"],"apc_list":null,"apc_paid":null,"fwci":1.0267,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.74899322,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":"22","issue":"2","first_page":"1024","last_page":"1039"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9799000024795532,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6010341048240662},{"id":"https://openalex.org/keywords/group","display_name":"Group (periodic table)","score":0.5855756998062134},{"id":"https://openalex.org/keywords/training","display_name":"Training (meteorology)","score":0.46767860651016235},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.40851134061813354},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3370635211467743},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3247569799423218},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.29784178733825684}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6010341048240662},{"id":"https://openalex.org/C2781311116","wikidata":"https://www.wikidata.org/wiki/Q83306","display_name":"Group (periodic table)","level":2,"score":0.5855756998062134},{"id":"https://openalex.org/C2777211547","wikidata":"https://www.wikidata.org/wiki/Q17141490","display_name":"Training (meteorology)","level":2,"score":0.46767860651016235},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.40851134061813354},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3370635211467743},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3247569799423218},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.29784178733825684},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C153294291","wikidata":"https://www.wikidata.org/wiki/Q25261","display_name":"Meteorology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2024.3418958","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3418958","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5733278378","display_name":null,"funder_award_id":"U23B2027","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8718608543","display_name":null,"funder_award_id":"62032020","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W1109422923","https://openalex.org/W2064675550","https://openalex.org/W2157331557","https://openalex.org/W2321533354","https://openalex.org/W2487442924","https://openalex.org/W2621130533","https://openalex.org/W2740196638","https://openalex.org/W2803920557","https://openalex.org/W2961210634","https://openalex.org/W2966905730","https://openalex.org/W2980750320","https://openalex.org/W2984666763","https://openalex.org/W3004349306","https://openalex.org/W3011574394","https://openalex.org/W3014654829","https://openalex.org/W3042169959","https://openalex.org/W3083528243","https://openalex.org/W3162962341","https://openalex.org/W3175941285","https://openalex.org/W3189623384","https://openalex.org/W3197120431","https://openalex.org/W3198240431","https://openalex.org/W4200392597","https://openalex.org/W4205635956","https://openalex.org/W4205964623","https://openalex.org/W4225522924","https://openalex.org/W4226079614","https://openalex.org/W4226181420","https://openalex.org/W4255756278","https://openalex.org/W4281477228","https://openalex.org/W4284710241","https://openalex.org/W4285356446","https://openalex.org/W4313563606","https://openalex.org/W4319079731","https://openalex.org/W4378647935","https://openalex.org/W4385245566","https://openalex.org/W4386221015","https://openalex.org/W4393033977","https://openalex.org/W6679436768","https://openalex.org/W6755207826","https://openalex.org/W6783227185","https://openalex.org/W6790830454","https://openalex.org/W6799838802","https://openalex.org/W6800132054"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W2249809453"],"abstract_inverted_index":{"The":[0],"escalating":[1],"prevalence":[2],"of":[3,61,124,154,176,183],"Advanced":[4],"Persistent":[5],"Threat":[6],"(APT)":[7],"malware":[8,16,62],"demands":[9],"more":[10],"effective":[11],"methods":[12,32],"to":[13,17,163],"accurately":[14],"attribute":[15],"specific":[18],"APT":[19,66],"groups.":[20],"Traditional":[21],"manual":[22],"attribution":[23,88],"processes":[24],"are":[25,33],"labor-intensive":[26],"and":[27,42,83,97,115,147,179],"error-prone,":[28],"while":[29,166],"existing":[30],"automated":[31],"hampered":[34],"by":[35,90],"small":[36],"dataset":[37],"sizes,":[38],"inadequate":[39],"representation":[40],"learning,":[41],"poor":[43],"noise":[44,135],"reduction":[45],"during":[46],"preprocessing.":[47],"To":[48],"address":[49],"these":[50],"challenges,":[51],"we":[52,70,130],"introduce":[53],"the":[54,59,72,155,174,181,184],"AMG25":[55],"dataset,":[56],"which":[57,86],"expands":[58],"pool":[60],"samples":[63],"labeled":[64],"with":[65],"group":[67],"affiliations.":[68],"Concurrently,":[69],"propose":[71],"MGAP<sup":[73,157],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[74,158],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">3</sup>":[75],"model":[76,109],"(Malware":[77],"Group":[78],"Attribution":[79],"based":[80],"on":[81,140],"PerceiverIO":[82,106],"Polytype":[84],"Pre-training),":[85],"enhances":[87],"performance":[89],"incorporating":[91],"hierarchical":[92],"pre-training":[93,127,186],"for":[94],"disassembled":[95],"codes":[96],"leveraging":[98],"multi-view":[99],"statistical":[100],"features,":[101],"all":[102],"within":[103],"a":[104,122,133,151],"unified":[105],"architecture.":[107],"This":[108],"adeptly":[110],"captures":[111],"complex":[112],"program":[113],"structures":[114],"interactions":[116],"cross":[117],"multiple":[118],"code":[119],"granularities,":[120],"through":[121],"series":[123],"innovative":[125],"polytype":[126],"tasks.":[128],"Additionally,":[129],"have":[131,172],"developed":[132,162],"novel":[134],"filtering":[136],"technique":[137],"that":[138],"focuses":[139],"user-defined":[141],"function":[142],"codes,":[143],"substantially":[144],"reducing":[145],"overfitting":[146],"boosting":[148],"performance.":[149,169],"Furthermore,":[150],"streamlined":[152],"version":[153],"model,":[156],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">3</sup>-Lite,":[159],"has":[160],"been":[161],"accelerate":[164],"training":[165],"preserving":[167],"robust":[168],"Extensive":[170],"experiments":[171],"validated":[173],"effectiveness":[175],"our":[177],"models":[178],"underscored":[180],"importance":[182],"proposed":[185],"technique.":[187]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2024-07-09T00:00:00"}