Classification performance with RF. (a) ROC curve of Delf with (i) API sequence, (ii) C4SG, and (iii) subgraph detected by RF. (b) ROC curve of OBfuscated with (i) API sequence, (ii) C4SG, and (iii) subgraph detected by RF. (c) ROC curve of Small with (i) API sequence, (ii) C4SG, and (iii) subgraph detected by RF. (d) ROC curve of Zlob with (i) API sequence, (ii) C4SG, and (iii) subgraph detected by RF. The overall average accuracy of C4SG is better than in the subgraph and API sequence.