IEEE Access (Jan 2023)

ACMFNN: A Novel Design of an Augmented Convolutional Model for Intelligent Cross-Domain Malware Localization via Forensic Neural Networks

  • Rijvan Beg,
  • R. K. Pateriya,
  • Deepak Singh Tomar

DOI: https://doi.org/10.1109/ACCESS.2023.3305274
Journal volume & issue: Vol. 11, pp. 87945 – 87957

Abstract

The detection and localization of malware using spatial and temporal data patterns require the development of efficient deep learning models. These models employ various techniques such as feature extraction, feature selection, data classification, and post-processing to achieve their objectives. While numerous high-efficiency malware analysis models have been presented, most of them are designed for application-specific purposes, which limits their scalability to multiple domains. Additionally, only a few of these models have been designed to identify malware locations. To address these issues and improve malware detection scalability and localization performance, this article proposes a novel augmented convolutional model (ACM) for intelligent cross-domain malware analysis using forensic neural networks (FNNs). The model is evaluated on multiple malware datasets, including Electro RAT, Pegasus, SkyGoFree, Viking Horde, Bat Skull, Yesmile, Wirenet, Jigsaw, Satana, and Tapaoux. The proposed model achieved an average accuracy of 98.5% in classifying this malware, making it useful for real-time malware analysis. The model also achieved an average localization accuracy of 79.6% across these datasets, assisting forensic experts in obtaining an approximate estimate of malware locations in input data streams. The proposed ACMFNN method demonstrated better performance than recently proposed malware detection models, with 8% better precision, 6.5% better recall, and 9.4% better classification accuracy. Furthermore, the proposed approach had 15% better localization accuracy, 19% better localization precision, and 14% better localization recall, due to the augmented convolutional model. These results indicate that the proposed model is applicable to a wide variety of malware detection and localization deployments.

Keywords