IFMD: image fusion for malware detection

Significant advances in malware production methods in recent years and their use of advanced concealment mechanisms have made identifying such malware a major challenge in the field of computer system security. Recently generated malware has a high degree of self-protection mechanism, which makes it...

Bibliographic details
Published in: Journal of Computer Virology and Hacking Techniques 2023-06, Vol.19 (2), p.271-286
Main authors: Hashemi, Hashem, Samie, Mohammad Ebrahim, Hamzeh, Ali
Format: Article
Language: eng
Online access: Full text
container_end_page 286
container_issue 2
container_start_page 271
container_title Journal of Computer Virology and Hacking Techniques
container_volume 19
creator Hashemi, Hashem
Samie, Mohammad Ebrahim
Hamzeh, Ali
description Significant advances in malware production methods in recent years and their use of advanced concealment mechanisms have made identifying such malware a major challenge in the field of computer system security. Recently generated malware has a high degree of self-protection, which makes it difficult, if not impossible, to detect using traditional methods. Thus, there is a need to provide new malware detection methods. This research attempts to identify malware and help improve the security of computer systems by proposing a new machine-learning-based approach that uses features extracted with image processing techniques. To this end, a new malware detection method based on image fusion of important sections of executable files is proposed. Employing a deep convolutional neural network to detect malware and focusing on the important sections of the file, the proposed method tries to convert the file into an RGB color image, fuse the resulting images, and extract the desired features. Using Transfer Matrix and RGB Mapping methods, the important sections of the file are first extracted to generate an RGB color image equivalent to the extracted sections. After this step, two color images are generated for each file, which are then combined using known image fusion techniques to obtain the final image. Then, the AlexNet deep convolutional neural network is used to classify malware and benign files.
doi_str_mv 10.1007/s11416-022-00445-y
format Article
fulltext fulltext
identifier ISSN: 2263-8733
ispartof Journal of Computer Virology and Hacking Techniques, 2023-06, Vol.19 (2), p.271-286
issn 2263-8733
2263-8733
language eng
recordid cdi_proquest_journals_2823643942
source Alma/SFX Local Collection; SpringerLink Journals - AutoHoldings
subjects Artificial neural networks
Color imagery
Computer Science
Computer vision
Cybersecurity
Image processing
Machine learning
Malware
Neural networks
Original Paper
Production methods
Transfer matrices
title IFMD: image fusion for malware detection
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-22T05%3A59%3A09IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=IFMD:%20image%20fusion%20for%20malware%20detection&rft.jtitle=Journal%20of%20Computer%20Virology%20and%20Hacking%20Techniques&rft.au=Hashemi,%20Hashem&rft.date=2023-06-01&rft.volume=19&rft.issue=2&rft.spage=271&rft.epage=286&rft.pages=271-286&rft.issn=2263-8733&rft.eissn=2263-8733&rft_id=info:doi/10.1007/s11416-022-00445-y&rft_dat=%3Cproquest_cross%3E2823643942%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2823643942&rft_id=info:pmid/&rfr_iscdi=true