IFMD: image fusion for malware detection

Bibliographic details
Published in: Journal of Computer Virology and Hacking Techniques 2023-06, Vol.19 (2), p.271-286
Main authors: Hashemi, Hashem; Samie, Mohammad Ebrahim; Hamzeh, Ali
Format: Article
Language: English
Description
Summary: Significant advances in malware production methods in recent years and their use of advanced concealment mechanisms have made identifying such malware a major challenge in the field of computer system security. Recently generated malware has a high degree of self-protection mechanism, which makes it difficult to detect malware using traditional methods, if not impossible. Thus, there is a need to provide new malware detection methods. This research attempts to identify malware and help improve the security of computer systems by proposing a new machine learning based approach which uses features extracted from image processing techniques. To this end, a new malware detection method based on image fusion of important sections of executable files is proposed. Employing a deep convolutional neural network to detect malware and focusing on the important sections of the file, the proposed method tries to convert the file into an RGB color image, fuse the resulting images, and extract the desired features. Using Transfer Matrix and RGB Mapping methods, the important sections of the file are first extracted to generate an RGB color image equivalent to the extracted sections. After this step, two color images are generated for each file, which are then combined using known image fusion techniques to obtain the final image. Then, AlexNet deep Convolutional Neural Network is used to classify malware and benign files.
ISSN: 2263-8733
DOI: 10.1007/s11416-022-00445-y