Explainable Malware Detection from Noisy API Sequences with RAG-Based MITRE ATT&CK Mapping

PHAPHA_JIàN
10:08 08/07/2026
TIN LIÊN QUAN
Despite the dominance of Transformer-based models in software vulnerability detection, the extent to which their learned security logic generalizes across different programming languages remains a critical open question. To address this, we propose a comprehensive evaluation framework organized into three phases spanning five distinct experimental scenarios, aiming to rigorously dissect...
Security testing of REST APIs remains difficult because real-world OpenAPI specifications are often incomplete, many security flaws are inherently stateful, and prevailing stateful fuzzers still optimize primarily for structural exploration rather than OWASP-aligned risk categories. Based on this gap, this paper presents APIGFUZZ, a graph-driven, OWASP-aware black-box REST API fuzzing...
Network Intrusion Detection Systems (NIDS) based on machine learning must evolve after deployment to detect emerging threats very soon with a few labeled samples, while without catastrophic forgetting or degrading due to concept drift. Existing methods address these issues in isolation, lacking a unified pipeline for tabular network traffic. This...