Research Article
BibTex RIS Cite

Year 2024, Volume: 7 Issue: 1, 22 - 35, 30.04.2024

Oğuzhan Katar , Özal Yıldırım

https://doi.org/10.35377/saucis...1341082

Abstract

References

  • [1] M. Wazid, A. K. Das, J. J. P. C. Rodrigues, S. Shetty, and Y. Park, “IoMT malware detection approaches: analysis and research challenges,” IEEE Access, vol. 7, pp. 182459–182476, 2019.
  • [2] A. Chakraborty, A. Biswas, and A. K. Khan, “Artificial Intelligence for Cybersecurity: Threats, Attacks and Mitigation,” arXiv preprint arXiv:2209.13454, 2022.
  • [3] Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics (Basel), vol. 12, no. 6, p. 1333, 2023.
  • [4] C. S. Yadav et al., “Malware analysis in iot & android systems with defensive mechanism,” Electronics (Basel), vol. 11, no. 15, p. 2354, 2022.
  • [5] M. Z. Hasan, M. Z. Hussain, and Z. Ullah, “Computer Viruses, Attacks, and Security Methods,” Lahore Garrison University Research Journal of Computer Science and Information Technology, vol. 3, no. 3, pp. 20–25, 2019.
  • [6] B. S. Rawal, G. Manogaran, and A. Peter, “Malware,” in Cybersecurity and Identity Access Management, Springer, 2022, pp. 103–116.
  • [7] P. M. Datta, “Cybersecurity Threats: Malware in the Code,” in Global Technology Management 4.0: Concepts and Cases for Managing in the 4th Industrial Revolution, Springer, 2022, pp. 155–170.
  • [8] K. Geldenhuys, “Spyware: Spying on everything you do,” Servamus Community-based Safety and Security Magazine, vol. 114, no. 10, pp. 15–17, 2021.
  • [9] M. Agrawal, K. D. S. Mann, R. Johari, and D. P. Vidyarthi, “Cyber Risks and Security—A Case Study on Analysis of Malware,” in International Conference on Innovative Computing and Communications: Proceedings of ICICC 2022, Volume 3, Springer, 2022, pp. 339–349.
  • [10] S. Thakur, S. Chaudhari, and B. Joshi, “Ransomware: Threats, Identification and Prevention,” Cyber Security and Digital Forensics, pp. 361–387, 2022.
  • [11] S. Li, Q. Zhou, R. Zhou, and Q. Lv, “Intelligent malware detection based on graph convolutional network,” J Supercomput, vol. 78, no. 3, pp. 4182–4198, 2022.
  • [12] A. Razgallah, R. Khoury, S. Hallé, and K. Khanmohammadi, “A survey of malware detection in Android apps: Recommendations and perspectives for future research,” Comput Sci Rev, vol. 39, p. 100358, 2021.
  • [13] N. Galloro, M. Polino, M. Carminati, A. Continella, and S. Zanero, “A Systematical and longitudinal study of evasive behaviors in windows malware,” Comput Secur, vol. 113, p. 102550, 2022.
  • [14] Q.-D. Ngo, H.-T. Nguyen, V.-H. Le, and D.-H. Nguyen, “A survey of IoT malware and detection methods based on static features,” ICT Express, vol. 6, no. 4, pp. 280–286, 2020.
  • [15] Y. Yang et al., “GooseBt: A programmable malware detection framework based on process, file, registry, and COM monitoring,” Comput Commun, vol. 204, pp. 24–32, 2023.
  • [16] U. Zahoora, A. Khan, M. Rajarajan, S. H. Khan, M. Asam, and T. Jamal, “Ransomware detection using deep learning based unsupervised feature extraction and a cost sensitive Pareto Ensemble classifier,” Sci Rep, vol. 12, no. 1, p. 15647, 2022.
  • [17] B. Y. Sathwara, “A Hybrid Approach Based on Boosting Algorithm for Effective Android Malware Detection,” International Journal of Computing and Digital Systems, vol. 13, no. 1, pp. 189–206, 2023.
  • [18] S. Venkatraman, M. Alazab, and R. Vinayakumar, “A hybrid deep learning image-based analysis for effective malware detection,” Journal of Information Security and Applications, vol. 47, pp. 377–389, 2019.
  • [19] S. Alrabaee, M. Debbabi, and L. Wang, “A survey of binary code fingerprinting approaches: taxonomy, methodologies, and features,” ACM Computing Surveys (CSUR), vol. 55, no. 1, pp. 1–41, 2022.
  • [20] H. Naeem et al., “Malware detection in industrial internet of things based on hybrid image visualization and deep learning model,” Ad Hoc Networks, vol. 105, p. 102154, 2020.
  • [21] P. Yadav, N. Menon, V. Ravi, S. Vishvanathan, and T. D. Pham, “A two‐stage deep learning framework for image‐based android malware detection and variant classification,” Comput Intell, vol. 38, no. 5, pp. 1748–1771, 2022.
  • [22] S. H. Khan et al., “A New Deep Boosted CNN and Ensemble Learning based IoT Malware Detection,” Comput Secur, p. 103385, 2023.
  • [23] X. Xing, X. Jin, H. Elahi, H. Jiang, and G. Wang, “A malware detection approach using autoencoder in deep learning,” IEEE Access, vol. 10, pp. 25696–25706, 2022.
  • [24] M. Asam et al., “IoT malware detection architecture using a novel channel boosted and squeezed CNN,” Sci Rep, vol. 12, no. 1, p. 15498, 2022.
  • [25] S. Kumar and B. Janet, “DTMIC: Deep transfer learning for malware image classification,” Journal of Information Security and Applications, vol. 64, p. 103063, 2022.
  • [26] Z. Lu, S. Liang, Q. Yang, and B. Du, “Evolving block-based convolutional neural network for hyperspectral image classification,” IEEE Transactions on Geoscience and Remote Sensing, vol. 60, pp. 1–21, 2022.
  • [27] M. Chen et al., “Searching the search space of vision transformer,” Adv Neural Inf Process Syst, vol. 34, pp. 8714–8726, 2021.
  • [28] M. M. Naseer, K. Ranasinghe, S. H. Khan, M. Hayat, F. Shahbaz Khan, and M.-H. Yang, “Intriguing properties of vision transformers,” Adv Neural Inf Process Syst, vol. 34, pp. 23296–23308, 2021.
  • [29] A. S. Bozkir, A. O. Cankaya, and M. Aydos, “Utilization and comparision of convolutional neural networks in malware recognition,” in 2019 27th Signal Processing and Communications Applications Conference (SIU), IEEE, 2019, pp. 1–4.
  • [30] A. Dosovitskiy et al., “An image is worth 16x16 words: Transformers for image recognition at scale,” arXiv preprint arXiv:2010.11929, 2020.
  • [31] J. Wu, R. Hu, Z. Xiao, J. Chen, and J. Liu, “Vision Transformer‐based recognition of diabetic retinopathy grade,” Med Phys, vol. 48, no. 12, pp. 7850–7863, 2021.
  • [32] P. S. Thakur, P. Khanna, T. Sheorey, and A. Ojha, “Explainable vision transformer enabled convolutional neural network for plant disease identification: PlantXViT,” arXiv preprint arXiv:2207.07919, 2022.
  • [33] Y. Wu, S. Qi, Y. Sun, S. Xia, Y. Yao, and W. Qian, “A vision transformer for emphysema classification using CT images,” Phys Med Biol, vol. 66, no. 24, p. 245016, 2021.
  • [34] S. Illium, R. Müller, A. Sedlmeier, and C.-L. Popien, “Visual transformers for primates classification and covid detection,” arXiv preprint arXiv:2212.10093, 2022.
  • [35] J. Deng, W. Dong, R. Socher, L.-J. Li, K. Li, and L. Fei-Fei, “Imagenet: A large-scale hierarchical image database,” in 2009 IEEE conference on computer vision and pattern recognition, Ieee, 2009, pp. 248–255.
  • [36] S. Patil et al., “Improving the robustness of ai-based malware detection using adversarial machine learning,” Algorithms, vol. 14, no. 10, p. 297, 2021.
  • [37] I. Alodat and M. Alodat, “Detection of Image Malware Steganography Using Deep Transfer Learning Model,” in Proceedings of International Conference on Data Science and Applications: ICDSA 2021, Volume 2, Springer, 2021, pp. 323–333.
  • [38] A. Fathurrahman, A. Bejo, and I. Ardiyanto, “Lightweight convolution neural network for image-based malware classification on embedded systems,” in 2021 International Seminar on Machine Learning, Optimization, and Data Science (ISMODE), IEEE, 2022, pp. 12–16.
  • [39] S. Ben Atitallah, M. Driss, and I. Almomani, “A novel detection and multi-classification approach for IoT-malware using random forest voting of fine-tuning convolutional neural networks,” Sensors, vol. 22, no. 11, p. 4302, 2022.

Classification of Malware Images Using Fine-Tunned ViT

Year 2024, Volume: 7 Issue: 1, 22 - 35, 30.04.2024

Oğuzhan Katar , Özal Yıldırım

https://doi.org/10.35377/saucis...1341082

Abstract

Malware detection and classification have become critical tasks in ensuring the security and integrity of computer systems and networks. Traditional methods of malware analysis often rely on signature-based approaches, which struggle to cope with the ever-evolving landscape of malware variants. In recent years, deep learning techniques have shown promising results in automating the process of malware classification. This paper presents a novel approach to malware image classification using the Vision Transformer (ViT) architecture. In this work, we adapt the ViT model to the domain of malware analysis by representing malware images as input tokens to the ViT architecture. To evaluate the effectiveness of the proposed approach, we used a comprehensive dataset comprising 14,226 malware samples across 26 families. We compare the performance of our ViT-based classifier with traditional machine learning methods and other deep learning architectures. Our experimental results showcase the potential of the ViT in handling malware images, achieving a classification accuracy of 98.80%. The presented approach establishes a strong foundation for further research in utilizing state-of-the-art deep learning architectures for enhanced malware analysis and detection techniques.

Keywords

Malware detection Vision Transformer Deep learning Network Security.

References

  • [1] M. Wazid, A. K. Das, J. J. P. C. Rodrigues, S. Shetty, and Y. Park, “IoMT malware detection approaches: analysis and research challenges,” IEEE Access, vol. 7, pp. 182459–182476, 2019.
  • [2] A. Chakraborty, A. Biswas, and A. K. Khan, “Artificial Intelligence for Cybersecurity: Threats, Attacks and Mitigation,” arXiv preprint arXiv:2209.13454, 2022.
  • [3] Ö. Aslan, S. S. Aktuğ, M. Ozkan-Okay, A. A. Yilmaz, and E. Akin, “A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions,” Electronics (Basel), vol. 12, no. 6, p. 1333, 2023.
  • [4] C. S. Yadav et al., “Malware analysis in iot & android systems with defensive mechanism,” Electronics (Basel), vol. 11, no. 15, p. 2354, 2022.
  • [5] M. Z. Hasan, M. Z. Hussain, and Z. Ullah, “Computer Viruses, Attacks, and Security Methods,” Lahore Garrison University Research Journal of Computer Science and Information Technology, vol. 3, no. 3, pp. 20–25, 2019.
  • [6] B. S. Rawal, G. Manogaran, and A. Peter, “Malware,” in Cybersecurity and Identity Access Management, Springer, 2022, pp. 103–116.
  • [7] P. M. Datta, “Cybersecurity Threats: Malware in the Code,” in Global Technology Management 4.0: Concepts and Cases for Managing in the 4th Industrial Revolution, Springer, 2022, pp. 155–170.
  • [8] K. Geldenhuys, “Spyware: Spying on everything you do,” Servamus Community-based Safety and Security Magazine, vol. 114, no. 10, pp. 15–17, 2021.
  • [9] M. Agrawal, K. D. S. Mann, R. Johari, and D. P. Vidyarthi, “Cyber Risks and Security—A Case Study on Analysis of Malware,” in International Conference on Innovative Computing and Communications: Proceedings of ICICC 2022, Volume 3, Springer, 2022, pp. 339–349.
  • [10] S. Thakur, S. Chaudhari, and B. Joshi, “Ransomware: Threats, Identification and Prevention,” Cyber Security and Digital Forensics, pp. 361–387, 2022.
  • [11] S. Li, Q. Zhou, R. Zhou, and Q. Lv, “Intelligent malware detection based on graph convolutional network,” J Supercomput, vol. 78, no. 3, pp. 4182–4198, 2022.
  • [12] A. Razgallah, R. Khoury, S. Hallé, and K. Khanmohammadi, “A survey of malware detection in Android apps: Recommendations and perspectives for future research,” Comput Sci Rev, vol. 39, p. 100358, 2021.
  • [13] N. Galloro, M. Polino, M. Carminati, A. Continella, and S. Zanero, “A Systematical and longitudinal study of evasive behaviors in windows malware,” Comput Secur, vol. 113, p. 102550, 2022.
  • [14] Q.-D. Ngo, H.-T. Nguyen, V.-H. Le, and D.-H. Nguyen, “A survey of IoT malware and detection methods based on static features,” ICT Express, vol. 6, no. 4, pp. 280–286, 2020.
  • [15] Y. Yang et al., “GooseBt: A programmable malware detection framework based on process, file, registry, and COM monitoring,” Comput Commun, vol. 204, pp. 24–32, 2023.
  • [16] U. Zahoora, A. Khan, M. Rajarajan, S. H. Khan, M. Asam, and T. Jamal, “Ransomware detection using deep learning based unsupervised feature extraction and a cost sensitive Pareto Ensemble classifier,” Sci Rep, vol. 12, no. 1, p. 15647, 2022.
  • [17] B. Y. Sathwara, “A Hybrid Approach Based on Boosting Algorithm for Effective Android Malware Detection,” International Journal of Computing and Digital Systems, vol. 13, no. 1, pp. 189–206, 2023.
  • [18] S. Venkatraman, M. Alazab, and R. Vinayakumar, “A hybrid deep learning image-based analysis for effective malware detection,” Journal of Information Security and Applications, vol. 47, pp. 377–389, 2019.
  • [19] S. Alrabaee, M. Debbabi, and L. Wang, “A survey of binary code fingerprinting approaches: taxonomy, methodologies, and features,” ACM Computing Surveys (CSUR), vol. 55, no. 1, pp. 1–41, 2022.
  • [20] H. Naeem et al., “Malware detection in industrial internet of things based on hybrid image visualization and deep learning model,” Ad Hoc Networks, vol. 105, p. 102154, 2020.
  • [21] P. Yadav, N. Menon, V. Ravi, S. Vishvanathan, and T. D. Pham, “A two‐stage deep learning framework for image‐based android malware detection and variant classification,” Comput Intell, vol. 38, no. 5, pp. 1748–1771, 2022.
  • [22] S. H. Khan et al., “A New Deep Boosted CNN and Ensemble Learning based IoT Malware Detection,” Comput Secur, p. 103385, 2023.
  • [23] X. Xing, X. Jin, H. Elahi, H. Jiang, and G. Wang, “A malware detection approach using autoencoder in deep learning,” IEEE Access, vol. 10, pp. 25696–25706, 2022.
  • [24] M. Asam et al., “IoT malware detection architecture using a novel channel boosted and squeezed CNN,” Sci Rep, vol. 12, no. 1, p. 15498, 2022.
  • [25] S. Kumar and B. Janet, “DTMIC: Deep transfer learning for malware image classification,” Journal of Information Security and Applications, vol. 64, p. 103063, 2022.
  • [26] Z. Lu, S. Liang, Q. Yang, and B. Du, “Evolving block-based convolutional neural network for hyperspectral image classification,” IEEE Transactions on Geoscience and Remote Sensing, vol. 60, pp. 1–21, 2022.
  • [27] M. Chen et al., “Searching the search space of vision transformer,” Adv Neural Inf Process Syst, vol. 34, pp. 8714–8726, 2021.
  • [28] M. M. Naseer, K. Ranasinghe, S. H. Khan, M. Hayat, F. Shahbaz Khan, and M.-H. Yang, “Intriguing properties of vision transformers,” Adv Neural Inf Process Syst, vol. 34, pp. 23296–23308, 2021.
  • [29] A. S. Bozkir, A. O. Cankaya, and M. Aydos, “Utilization and comparision of convolutional neural networks in malware recognition,” in 2019 27th Signal Processing and Communications Applications Conference (SIU), IEEE, 2019, pp. 1–4.
  • [30] A. Dosovitskiy et al., “An image is worth 16x16 words: Transformers for image recognition at scale,” arXiv preprint arXiv:2010.11929, 2020.
  • [31] J. Wu, R. Hu, Z. Xiao, J. Chen, and J. Liu, “Vision Transformer‐based recognition of diabetic retinopathy grade,” Med Phys, vol. 48, no. 12, pp. 7850–7863, 2021.
  • [32] P. S. Thakur, P. Khanna, T. Sheorey, and A. Ojha, “Explainable vision transformer enabled convolutional neural network for plant disease identification: PlantXViT,” arXiv preprint arXiv:2207.07919, 2022.
  • [33] Y. Wu, S. Qi, Y. Sun, S. Xia, Y. Yao, and W. Qian, “A vision transformer for emphysema classification using CT images,” Phys Med Biol, vol. 66, no. 24, p. 245016, 2021.
  • [34] S. Illium, R. Müller, A. Sedlmeier, and C.-L. Popien, “Visual transformers for primates classification and covid detection,” arXiv preprint arXiv:2212.10093, 2022.
  • [35] J. Deng, W. Dong, R. Socher, L.-J. Li, K. Li, and L. Fei-Fei, “Imagenet: A large-scale hierarchical image database,” in 2009 IEEE conference on computer vision and pattern recognition, Ieee, 2009, pp. 248–255.
  • [36] S. Patil et al., “Improving the robustness of ai-based malware detection using adversarial machine learning,” Algorithms, vol. 14, no. 10, p. 297, 2021.
  • [37] I. Alodat and M. Alodat, “Detection of Image Malware Steganography Using Deep Transfer Learning Model,” in Proceedings of International Conference on Data Science and Applications: ICDSA 2021, Volume 2, Springer, 2021, pp. 323–333.
  • [38] A. Fathurrahman, A. Bejo, and I. Ardiyanto, “Lightweight convolution neural network for image-based malware classification on embedded systems,” in 2021 International Seminar on Machine Learning, Optimization, and Data Science (ISMODE), IEEE, 2022, pp. 12–16.
  • [39] S. Ben Atitallah, M. Driss, and I. Almomani, “A novel detection and multi-classification approach for IoT-malware using random forest voting of fine-tuning convolutional neural networks,” Sensors, vol. 22, no. 11, p. 4302, 2022.
There are 39 citations in total.

Details

Primary Language English
Subjects Software Engineering (Other)
Journal Section Articles
Authors

Oğuzhan Katar 0000-0002-5628-3543

Özal Yıldırım 0000-0001-5375-3012

Early Pub Date April 27, 2024
Publication Date April 30, 2024
Submission Date August 10, 2023
Acceptance Date January 25, 2024
Published in Issue Year 2024Volume: 7 Issue: 1

Cite

IEEE O. Katar and Ö. Yıldırım, “Classification of Malware Images Using Fine-Tunned ViT”, SAUCIS, vol. 7, no. 1, pp. 22–35, 2024, doi: 10.35377/saucis...1341082.
 Download Cover Image

29070    The papers in this journal are licensed under a Creative Commons Attribution-NonCommercial 4.0 International License