Malware Analysis with Large Language Models
收藏Zenodo2026-05-25 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.20374302
下载链接
链接失效反馈官方服务:
资源简介:
# Malware Analysis with Large Language Models
This is the repository for the python code and dataset used in the paper:
*Title:* Malware Analysis with Large Language Models
The repository contains the following file and folders:
- [dataset/](./dataset/) - Contains all the datasets used in the study, find below a more in depth description of the organisation of the dataset.
- [requirements.txt](./requirements.txt) - Contains all the requirements for which are needed to set up the repository, find below the instruction how to install it.
- [chunkFiles/](./chunckFiles/) - Contains all the python scripts to chunk the files, find below the instructions who to execute it.
- [instructionsLLMs.md](./instructionsLLMs.md) - Contains all the information used for the manual prompting of the LLMs.
## Environment
In order to execute the environment, we suggest creating a virtual environment with Python3.12:
```cli
python -m venv env
source env/bin/activate
pip install -r requirements.txt
```
## Python scripts
With the following commands the python scripts are executed as intended:
```cli
python chunkFiles/main.py --chunk-size <int chuckSize> --offset <int offset> --file-type <c|asm> --input-folder <PATH/Input> --output-folder <PATH/Output>
python adjust_non_printable_characters.py --path <PATH/Input> --escape False --remove True
```
The output path of the first command is the input path of the second command.
## Dataset
This repository contains following files:<br>
1.Original files<br>
2.IDA(interactive Disassembler) <br>
3.Ghidra <br>
4.Radare2 <br>
This repository contains Assembly and C code representations of 30 malicious and 30 benign files. This is done through 3 different reverse engineering tools i.e.: IDA, Ghidra and Radare2. Each of these folder with the name of reverse engineering tool contains two sub folders of assembly and C files. Which in turn also contain two sub folders for malicious and benign files.
# 基于大语言模型的恶意软件分析(Malware Analysis with Large Language Models)
本仓库用于存放论文中使用的Python代码与数据集,论文标题如下:
*论文标题:* 基于大语言模型的恶意软件分析(Malware Analysis with Large Language Models)
本仓库包含以下文件与文件夹:
- [dataset/](./dataset/):存放本研究使用的全部数据集,下文将详细说明该数据集的组织架构。
- [requirements.txt](./requirements.txt):包含配置本仓库所需的全部依赖项,下文将提供安装说明。
- [chunkFiles/](./chunckFiles/):存放用于对文件进行分块的全部Python脚本,下文将提供执行说明。
- [instructionsLLMs.md](./instructionsLLMs.md):包含用于大语言模型手动提示的全部相关信息。
## 运行环境
若要运行本项目,我们建议使用Python 3.12创建虚拟环境:
cli
python -m venv env
source env/bin/activate
pip install -r requirements.txt
## Python脚本
执行以下命令可按预期运行各Python脚本:
cli
python chunkFiles/main.py --chunk-size <int chunkSize> --offset <int offset> --file-type <c|asm> --input-folder <PATH/Input> --output-folder <PATH/Output>
python adjust_non_printable_characters.py --path <PATH/Input> --escape False --remove True
第一条命令的输出路径即为第二条命令的输入路径。
## 数据集
本仓库包含以下文件/文件夹:<br>
1. 原始文件<br>
2. IDA(交互式反汇编器,Interactive Disassembler)<br>
3. Ghidra<br>
4. Radare2<br>
本仓库包含30个恶意文件与30个良性文件的汇编代码与C代码表示形式,这一过程通过三款不同的逆向工程工具完成,即IDA、Ghidra与Radare2。每个以逆向工程工具命名的文件夹均下设汇编代码与C代码两个子目录,而这两个子目录又分别包含恶意文件与良性文件两个子目录。
提供机构:
Zenodo创建时间:
2026-05-25



