LLM-driven Malware Analysis across Code Representations

A Study on the Impact of Code Representation on the Performance of LLM-driven Malware Classification

Bachelor Thesis (2026)
Author(s)

S.M. Folkertsma (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Contributor(s)

S.S. Chakraborty – Mentor (TU Delft - Electrical Engineering, Mathematics and Computer Science)

P. Pawelczak – Mentor (TU Delft - Electrical Engineering, Mathematics and Computer Science)

A. van Deursen – Graduation committee member (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Faculty
Electrical Engineering, Mathematics and Computer Science
More Info
expand_more
Publication Year
2026
Language
English
Graduation Date
30-06-2026
Awarding Institution
Delft University of Technology
Project
CSE3000 Research Project
Programme
Computer Science and Engineering
Faculty
Electrical Engineering, Mathematics and Computer Science
Downloads counter
12
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

In this study, we determine the extent to which code representation affects the accuracy of LLM-driven malware analysis. Our results show that LLMs perform significantly better at detecting malware in high-level source code than in binary code. We conduct experiments on samples from the SBAN dataset. In the process, we also evaluate the validity of the SBAN dataset as a benchmark for malware classification, helping direct future efforts toward improving dataset quality.