{"id":"https://openalex.org/W4411055052","doi":"https://doi.org/10.1109/tdsc.2025.3576708","title":"SoK: Leveraging Transformers for Malware Analysis","display_name":"SoK: Leveraging Transformers for Malware Analysis","publication_year":2025,"publication_date":"2025-06-05","ids":{"openalex":"https://openalex.org/W4411055052","doi":"https://doi.org/10.1109/tdsc.2025.3576708"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2025.3576708","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3576708","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5098921638","display_name":"Pradip Kunwar","orcid":"https://orcid.org/0009-0004-2583-5925"},"institutions":[{"id":"https://openalex.org/I63920570","display_name":"Tennessee Technological University","ror":"https://ror.org/05drmrq39","country_code":"US","type":"education","lineage":["https://openalex.org/I63920570"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Pradip Kunwar","raw_affiliation_strings":["Tennessee Tech University, Cookeville, TN, USA","Tennessee Tech University, USA"],"affiliations":[{"raw_affiliation_string":"Tennessee Tech University, Cookeville, TN, USA","institution_ids":["https://openalex.org/I63920570"]},{"raw_affiliation_string":"Tennessee Tech University, USA","institution_ids":["https://openalex.org/I63920570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005398538","display_name":"Kshitiz Aryal","orcid":"https://orcid.org/0000-0001-8000-1086"},"institutions":[{"id":"https://openalex.org/I63920570","display_name":"Tennessee Technological University","ror":"https://ror.org/05drmrq39","country_code":"US","type":"education","lineage":["https://openalex.org/I63920570"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kshitiz Aryal","raw_affiliation_strings":["Tennessee Tech University, Cookeville, TN, USA","Tennessee Tech University, USA"],"affiliations":[{"raw_affiliation_string":"Tennessee Tech University, Cookeville, TN, USA","institution_ids":["https://openalex.org/I63920570"]},{"raw_affiliation_string":"Tennessee Tech University, USA","institution_ids":["https://openalex.org/I63920570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047952246","display_name":"Maanak Gupta","orcid":"https://orcid.org/0000-0001-9189-2478"},"institutions":[{"id":"https://openalex.org/I63920570","display_name":"Tennessee Technological University","ror":"https://ror.org/05drmrq39","country_code":"US","type":"education","lineage":["https://openalex.org/I63920570"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Maanak Gupta","raw_affiliation_strings":["Tennessee Tech University, Cookeville, TN, USA","Tennessee Tech University, USA"],"affiliations":[{"raw_affiliation_string":"Tennessee Tech University, Cookeville, TN, USA","institution_ids":["https://openalex.org/I63920570"]},{"raw_affiliation_string":"Tennessee Tech University, USA","institution_ids":["https://openalex.org/I63920570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064628952","display_name":"Mahmoud Abdelsalam","orcid":"https://orcid.org/0000-0001-5627-5239"},"institutions":[{"id":"https://openalex.org/I35777872","display_name":"North Carolina Agricultural and Technical State University","ror":"https://ror.org/02aze4h65","country_code":"US","type":"education","lineage":["https://openalex.org/I35777872"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mahmoud Abdelsalam","raw_affiliation_strings":["North Carolina A&T State University, Greensboro, NC, USA","North Carolina A&T State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina A&T State University, Greensboro, NC, USA","institution_ids":["https://openalex.org/I35777872"]},{"raw_affiliation_string":"North Carolina A&T State University, USA","institution_ids":["https://openalex.org/I35777872"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA","Purdue University, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]},{"raw_affiliation_string":"Purdue University, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5098921638"],"corresponding_institution_ids":["https://openalex.org/I63920570"],"apc_list":null,"apc_paid":null,"fwci":9.4458,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.98296066,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":"22","issue":"6","first_page":"5888","last_page":"5905"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7752145528793335},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6900233030319214},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4103161692619324}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7752145528793335},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6900233030319214},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4103161692619324}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2025.3576708","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3576708","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":91,"referenced_works":["https://openalex.org/W1498436455","https://openalex.org/W1966741850","https://openalex.org/W2010065958","https://openalex.org/W2028727337","https://openalex.org/W2064675550","https://openalex.org/W2069143585","https://openalex.org/W2110485445","https://openalex.org/W2122672392","https://openalex.org/W2154851992","https://openalex.org/W2215444025","https://openalex.org/W2360903897","https://openalex.org/W2780450026","https://openalex.org/W2789828921","https://openalex.org/W2791879367","https://openalex.org/W2805641541","https://openalex.org/W2892009249","https://openalex.org/W2896457183","https://openalex.org/W2915716523","https://openalex.org/W2918753059","https://openalex.org/W2947576068","https://openalex.org/W2963769791","https://openalex.org/W2982413766","https://openalex.org/W2996806689","https://openalex.org/W3013908242","https://openalex.org/W3015423757","https://openalex.org/W3037387044","https://openalex.org/W3092557781","https://openalex.org/W3096609285","https://openalex.org/W3104423855","https://openalex.org/W3105429705","https://openalex.org/W3114468998","https://openalex.org/W3130240595","https://openalex.org/W3132442669","https://openalex.org/W3135255190","https://openalex.org/W3135427360","https://openalex.org/W3138794547","https://openalex.org/W3158360872","https://openalex.org/W3158694465","https://openalex.org/W3161794458","https://openalex.org/W3164964481","https://openalex.org/W3165963211","https://openalex.org/W3167995052","https://openalex.org/W3168412632","https://openalex.org/W3174361912","https://openalex.org/W3192892322","https://openalex.org/W3196621661","https://openalex.org/W3201020763","https://openalex.org/W3214547528","https://openalex.org/W3214641118","https://openalex.org/W3217319441","https://openalex.org/W3217610895","https://openalex.org/W4200274764","https://openalex.org/W4205635956","https://openalex.org/W4206706211","https://openalex.org/W4213019189","https://openalex.org/W4226319939","https://openalex.org/W4235796753","https://openalex.org/W4235970239","https://openalex.org/W4239510810","https://openalex.org/W4285114033","https://openalex.org/W4285221277","https://openalex.org/W4285261371","https://openalex.org/W4285496318","https://openalex.org/W4288060471","https://openalex.org/W4288070321","https://openalex.org/W4295700754","https://openalex.org/W4296105182","https://openalex.org/W4306316917","https://openalex.org/W4306955484","https://openalex.org/W4312408104","https://openalex.org/W4313063338","https://openalex.org/W4315837244","https://openalex.org/W4319777846","https://openalex.org/W4323521238","https://openalex.org/W4323565799","https://openalex.org/W4361004367","https://openalex.org/W4361732912","https://openalex.org/W4379518989","https://openalex.org/W4382655549","https://openalex.org/W4383340358","https://openalex.org/W4383751665","https://openalex.org/W4384945880","https://openalex.org/W4385245566","https://openalex.org/W4385484761","https://openalex.org/W4385567173","https://openalex.org/W4385688277","https://openalex.org/W4386216135","https://openalex.org/W4386568539","https://openalex.org/W4387305659","https://openalex.org/W4399412051","https://openalex.org/W4401508153"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819"],"abstract_inverted_index":{"The":[0,30],"introduction":[1],"of":[2,35,52,79,89,101,141,152],"transformers":[3,15,53,114,153,195],"has":[4],"been":[5],"an":[6,139],"important":[7],"breakthrough":[8],"for":[9,54,93,154,190,196],"AI":[10],"research":[11,147,163,174,193],"and":[12,44,69,106,118,124,130,157,183],"application,":[13],"as":[14,49,186],"are":[16,23,115,134],"the":[17,33,36,50,60,150,173],"foundation":[18],"behind":[19],"Generative":[20],"AI.":[21],"Transformers":[22],"promising":[24],"in":[25,39,59,149,176],"cybersecurity,":[26],"especially":[27],"malware":[28,55,94,155,197],"analysis.":[29,95,198],"reason":[31],"is":[32,57,64],"flexibility":[34],"transformer":[37],"models":[38],"handling":[40],"long":[41],"sequential":[42],"features":[43],"understanding":[45],"contextual":[46],"relationships.":[47],"However,":[48],"use":[51,122,151],"analysis":[56,88,100,156],"still":[58],"infancy":[61],"stage,":[62],"it":[63],"critical":[65],"to":[66,73,84,144],"evaluate,":[67],"systematize,":[68],"contextualize":[70],"existing":[71,102,181],"literature":[72],"foster":[74],"future":[75,162],"research.":[76],"This":[77],"Systematization":[78],"Knowledge":[80],"(SoK)":[81],"paper":[82,170],"aims":[83],"provide":[85,138],"a":[86,187],"comprehensive":[87],"transformer-based":[90],"approaches":[91],"designed":[92],"Based":[96],"on":[97],"our":[98],"systematic":[99],"knowledge,":[103],"we":[104],"structure":[105],"propose":[107],"taxonomies":[108],"based":[109],"on:":[110],"(a)":[111],"how":[112,126],"different":[113],"adapted,":[116],"organized,":[117],"modified":[119],"across":[120],"various":[121],"cases;":[123],"(b)":[125],"diverse":[127],"feature":[128],"types":[129],"their":[131],"representation":[132],"capabilities":[133],"reflected.":[135],"We":[136,165],"also":[137],"inventory":[140],"datasets":[142],"used":[143],"explore":[145],"multiple":[146],"avenues":[148],"discuss":[158],"open":[159],"challenges":[160],"with":[161],"directions.":[164],"believe":[166],"that":[167],"this":[168],"SoK":[169],"will":[171,184],"assist":[172],"community":[175],"gaining":[177],"detailed":[178],"insights":[179],"from":[180],"work":[182],"serve":[185],"foundational":[188],"resource":[189],"implementing":[191],"novel":[192],"using":[194]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4}],"updated_date":"2026-02-25T08:12:03.925757","created_date":"2025-10-10T00:00:00"}