AsmRAG detects malware at 96% F1 and attributes families at 95% F1 by retrieving functionally similar assembly code via LLM embeddings and density-weighted anchor selection, remaining robust to metamorphic obfuscation.
ArXiv abs/2507.02424 (2025)
3 Pith papers cite this work. Polarity classification is still indexing.
fields: cs.CR (3)
years: 2026 (3)
verdicts: UNVERDICTED (3)
representative citing papers
Ensemble of three binary DNNs classifies network flows as benign, DoS or DDoS at 99.84% and 95.30% accuracy on CICIDS2018 and UNSW-NB15, paired with RAG to generate mitigation reports that outperform vanilla LLM outputs.
A multi-layer cloud IDS uses per-layer ML detection, learned confidence gates, Chroma memory, and LLM escalation with Q-learning adaptive calibration to cut LLM calls by 58.78% while reporting 88.68% overall accuracy.
citing papers explorer
- AsmRAG: LLM-Driven Malware Detection by Retrieving Functionally Similar Assembly Code
  AsmRAG detects malware at 96% F1 and attributes families at 95% F1 by retrieving functionally similar assembly code via LLM embeddings and density-weighted anchor selection, remaining robust to metamorphic obfuscation.
- From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation
  Ensemble of three binary DNNs classifies network flows as benign, DoS or DDoS at 99.84% and 95.30% accuracy on CICIDS2018 and UNSW-NB15, paired with RAG to generate mitigation reports that outperform vanilla LLM outputs.
- A Multi-Layer Cloud-IDS Pipeline with LLM and Adaptive Q-Learning Calibration
  A multi-layer cloud IDS uses per-layer ML detection, learned confidence gates, Chroma memory, and LLM escalation with Q-learning adaptive calibration to cut LLM calls by 58.78% while reporting 88.68% overall accuracy.