AutoMalDesc: Large-Scale Script Analysis for Cyber Threat Research

Authors

  • Alexandru-Mihai Apostu (University of Bucharest; CrowdStrike)
  • Andrei Preda (CrowdStrike)
  • Alexandra Daniela Damir (CrowdStrike)
  • Diana Bolocan (CrowdStrike)
  • Radu Tudor Ionescu (University of Bucharest)
  • Ioana Croitoru (CrowdStrike)
  • Mihaela Gaman (CrowdStrike)

DOI:

https://doi.org/10.1609/aaai.v40i1.36959

Abstract

Generating thorough natural language explanations for threat detections remains an open problem in cybersecurity research, despite significant advances in automated malware detection systems. In this work, we present AutoMalDesc, an automated static analysis summarization framework that, following initial training on a small set of expert-curated examples, operates independently at scale. This approach leverages an iterative self-paced learning pipeline to progressively enhance output quality through synthetic data generation and validation cycles, eliminating the need for extensive manual data annotation. Evaluation across 3,600 diverse samples in five scripting languages demonstrates statistically significant improvements between iterations, showing consistent gains in both summary quality and classification accuracy. Our comprehensive validation approach combines quantitative metrics based on established malware labels with qualitative assessment from both human experts and LLM-based judges, confirming both technical precision and linguistic coherence of generated summaries. To facilitate reproducibility and advance research in this domain, we publish our complete dataset of more than 100K script samples, including annotated seed (900) and test (3.6K) datasets, along with our methodology and evaluation framework.

Published

2026-03-14

How to Cite

Apostu, A.-M., Preda, A., Damir, A. D., Bolocan, D., Ionescu, R. T., Croitoru, I., & Gaman, M. (2026). AutoMalDesc: Large-Scale Script Analysis for Cyber Threat Research. Proceedings of the AAAI Conference on Artificial Intelligence, 40(1), 12-20. https://doi.org/10.1609/aaai.v40i1.36959

Section

AAAI Technical Track on Application Domains I