GRAPH NEURAL NETWORKS FOR REAL-TIME MALWARE DETECTION IN ENTERPRISE ENVIRONMENTS
Volume 2, Issue 4, Pp 29-44, 2025
DOI: https://doi.org/10.61784/ssm3067
Author(s)
XinYu Li¹*, Daniel Roberts¹, Oliver Bennett²
Affiliation(s)
¹ Department of Computer Science, University of Southern California, Los Angeles 90007, California, USA.
² School of Computing and Communications, Lancaster University, Lancaster, United Kingdom.
Corresponding Author
XinYu Li
ABSTRACT
The escalating sophistication of malware threats poses unprecedented challenges to enterprise cybersecurity infrastructure. Traditional signature-based detection methods struggle to identify polymorphic and zero-day malware variants that continuously evolve to evade detection mechanisms. This research presents a comprehensive investigation into the application of Graph Neural Networks (GNNs) for real-time malware detection in enterprise environments. By leveraging the structural properties of malware represented as control flow graphs and function call graphs, GNN-based approaches can capture complex behavioral patterns that distinguish malicious software from benign applications. This study examines the theoretical foundations of graph-based malware representation, evaluates state-of-the-art GNN architectures including Graph Convolutional Networks and Graph Attention Networks, and proposes an integrated framework optimized for real-time detection in enterprise settings. Experimental evaluation demonstrates that the proposed approach achieves detection accuracy exceeding 96 percent while maintaining computational efficiency suitable for deployment in production environments. The findings indicate that GNN-based detection systems offer significant advantages over traditional machine learning methods, particularly in identifying previously unseen malware families through structural pattern recognition. This research contributes to the advancement of proactive cybersecurity measures by demonstrating the viability of graph-based deep learning for scalable, real-time threat detection in complex enterprise networks.
KEYWORDS
Graph neural networks; Malware detection; Enterprise security; Real-time analysis; Control flow graphs; Deep learning; Cybersecurity; Threat intelligence
CITE THIS PAPER
XinYu Li, Daniel Roberts, Oliver Bennett. Graph neural networks for real-time malware detection in enterprise environments. Social Science and Management. 2025, 2(4): 29-44. DOI: https://doi.org/10.61784/ssm3067.