Leveraging Image Analysis and Deep Convolutional Neural Networks for Cutting-Edge Malware Detection and Mitigation
In this study, we investigate the use of deep learning, specifically deep convolutional neural networks (DCNNs), for malware detection based on network traffic data. Signature-based detection techniques have proven unable to cope with the extremely high rate at which malware variants evolve. This research therefore proposes a novel method that turns raw network traffic data inputs (APKs, CSVs, and PCAPs) into visual representations for better malware classification. The study trains a DCNN model and refines it using the VGG19 architecture with extra convolutional layers to achieve higher detection rates on the CICAndMal2017 dataset. The model performs well on the key metrics of precision (98.5%), recall (99.4%), and F1 score (98.8%), with an AUC of 0.93 and an accuracy of 99.35%. The results demonstrate that deep learning is effective at detecting malware via image-based features and offers a significant improvement over traditional approaches. The novelty of this work is the use of deep learning for malware detection via visual representations of network traffic. Future work will improve computational efficiency, extend the approach to dynamic environments, and increase robustness to evasion tactics through adversarial training.
- This work (including HTML and PDF Files) is licensed under a Creative Commons Attribution 4.0 International License.
