Deep Learning Fusion For Effective Malware Detection: Leveraging Visual Features (2405.14311v1)

Published 23 May 2024 in cs.CR

Abstract: Malware has become a formidable threat, growing exponentially in number and sophistication, so it is imperative to have a solution that is easy to implement, reliable, and effective. While recent research has introduced deep learning multi-feature fusion algorithms, they lack a proper explanation. In this work, we investigate the power of fusing Convolutional Neural Network models trained on different modalities of a malware executable. We propose a novel multimodal fusion algorithm that leverages three different visual malware features: Grayscale Image, Entropy Graph, and SimHash Image. We conducted exhaustive experiments on each feature independently and on combinations of all three, using fusion operators such as average, maximum, add, and concatenate, for effective malware detection and classification. The proposed strategy has a detection rate of 1.00 (on a scale of 0-1) in identifying malware in the given dataset. We explain its interpretability with visualization techniques such as t-SNE and Grad-CAM. Experimental results show the model works even for a highly imbalanced dataset. We also assessed the effectiveness of the proposed method on obfuscated malware and achieved state-of-the-art results. The proposed methodology is more reliable, as our findings prove the VGG16 model can detect and classify malware in a matter of seconds in real-time.
