TraceRAG: A LLM-Based Framework for Explainable Android Malware Detection and Behavior Analysis, September 2025
2 Pith papers cite this work. Polarity classification is still indexing.
Fields: cs.CR (2). Years: 2026 (2). Verdicts: UNVERDICTED (2).
Citing papers
- Trident: Improving Malware Detection with LLMs and Behavioral Features
  Trident combines static decision trees, LLM-generated behavioral rules from sandbox reports, and direct LLM analysis via majority voting to outperform static methods while resisting concept drift without retraining.
- LCC-LLM: Leveraging Code-Centric Large Language Models for Malware Attribution
  LCC-LLM creates a code-centric dataset and RAG-based LLM framework that reaches 0.634 average semantic similarity on 43 malware tasks and 10/10 pass rate in real-world case studies.