The rapid evolution of malware attacks calls for the development of innovative detection methods, especially in resource-constrained edge computing. Traditional detection techniques struggle to keep up with modern malware's sophistication and adaptability, prompting a shift towards advanced methodologies like those leveraging Large Language Models (LLMs) for enhanced malware detection. However, deploying LLMs for malware detection directly at edge devices raises several challenges, including ensuring accuracy in constrained environments and addressing edge devices' energy and computational limits. To tackle these challenges, this paper proposes an architecture leveraging lightweight LLMs' strengths while addressing limitations like reduced accuracy and insufficient computational power. To evaluate the effectiveness of the proposed lightweight LLM-based approach for edge computing, we perform an extensive experimental evaluation using several state-of-the-art lightweight LLMs. We test them with several publicly available datasets specifically designed for edge and IoT scenarios and different edge nodes with varying computational power and characteristics.