Skip to main content
SpringerLink
Log in

Malware visualization and detection using DenseNets

  • Original Paper
  • Published:
Personal and Ubiquitous Computing Aims and scope Submit manuscript

Abstract

Rapid advancement in the sophistication of malware has posed a serious impact on the device connected over the Internet. Malware writing is driven by economic benefits; thus, an alarming increase in malware variants is witnessed. Recently, a large volume of malware attacks are reported on Internet of Things (IoT) networks; as these devices are exposed to insecure segments, further IoT devices reported have hardcoded credentials. To combat malware attacks on mobile devices and desktops, deep learning-based detection approaches have been attempted to detect malware variants. The existing solutions require large computational overhead and also have limited accuracy. In this paper, we visualize malware as Markov images to preserve semantic information of consecutive pixels. We further extract textures from Markov images using Gabor filter (named as Gabor images), and subsequently develop models using VGG-3 and Densely Connected Network (DenseNet). To encourage real-time malware detection and classification, we fine-tune Densely Connected Network. These models are trained and evaluated on two datasets namely Malimg and BIG2015. In our experimental evaluations, we found that DenseNet identifies Malimg and BIG2015 samples with accuracies of 99.94% and 98.98%, respectively. Additionally, the performance of our proposed method in classifying malware files to their respective families is superior compared to the state-of-the approach calibrated using prediction time, F1-score, and accuracy.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. BBC N Cyber-attack: Europol says it was unprecedented in scale. http://www.bbc.com/news/world-europe-39907965

  2. https://blog.logsign.com/the-biggest-cyber-attacks-in-2019/ (accessed Jan 1, 2021)

  3. Internet security threat report 2021, https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophos-2021-threat-report.pdf

  4. https://crowdresearchpartners.com/portfolio/byod-mobile-security-report/(accessed Jan.1, 2021)

  5. AV-Test Threat Report: https://www.av-test.org/de/statistiken/malware/ (accessed Jan 1, 2020)

  6. Kang H, Jang J, Mohaisen A, Kim H K (2015) Detecting and Classifying Android Malware Using Static Analysis along with Creator Information. Int J Distrib Sens Netw 11(6)

  7. Han W, Xue J, Wang Y, Huang L, Kong Z, Mao L (2019) MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics. Comput Secur 83:208–233

    Article  Google Scholar 

  8. Pascanu R, Stokes J W, Sanossian H, Marinescu M, Thomas A (2015) Malware classification with recurrent networks. In: Proc. IEEE Int. Conf. Acoust., Speech Signal Process. (ICASSP), pp 1916–1920.

  9. Vinayakumar R, Alazab M, Soman K P, Poornachandran P, Venkatraman S (2019) Robust Intelligent Malware Detection Using Deep Learning. IEEE Access 7:46717–46738

    Article  Google Scholar 

  10. Nataraj L, Karthikeyan S, Jacob G, Manjunath BS (2011) Malware Images: Visualization and Automatic Classification. In: Proc. 8th International Symposium, Visualization for Cyber Security, VizSec

  11. Fu J, Xue J, Wang Y, Liu Z, Shan C (2018) Malware Visualization for Fine-Grained Classification. IEEE Access 6:14510–14523

    Article  Google Scholar 

  12. Zhong W, Gu F (2019) A Multi-Level deep learning system for malware detection. Expert Syst Appl 133:151–162

    Article  Google Scholar 

  13. Hazra A, Choudhary P, Sheetal Singh M (2021) Recent Advances in Deep Learning Techniques and Its Applications: An Overview. In: Rizvanov A.A, Singh B.K, Ganasala P (eds) Advances in Biomedical Engineering and Technology, Lecture Notes in Bioengineering. Springer, Singapore, pp 103–122

  14. Gibert D, Mateu C, Planes J, Vicens R (2018) Classification of malware by using structural entropy on convolutional neural networks the thirtieth. AAAI conference on innovative applications of artificial intelligence (IAAI-18)

  15. Agarap A F, Pepito F J H (2017) Towards building an intelligent anti-malware system: A deep learning approach using support vector machine (SVM) for malware classification, [online] Available: https://arxiv.org/abs/1801.003181801.00318

  16. Le Q, Boydell O, Namee BM, Scanlon M (2018) Deep learning at the shallow end: Malware classification for non-domain experts. Digit Invest 26(Supplement):S118–S126

  17. Jain A, Phanishayee A, Mars J, Tang L, Pekhimenko G (2018) Gist: Efficient Data Encoding for Deep Neural Network Training. ACM/IEEE 45th Annual International Symposium on Computer Architecture (ISCA), Los Angeles, pp 776–789

  18. Zhang J, Qin Z, Yin H, Ou L, Zhang K (2019) A feature-hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding. Comput Secur 84:376– 392

    Article  Google Scholar 

  19. Kim T, Kang B, Rho M, Sezer S, Im E G (2019) A multimodal deep learning method for android malware detection using various features. IEEE Trans Inf Forensic Secur 14(3):773–788

    Article  Google Scholar 

  20. Nezhadkamali M, Soltani S, Seno S A H (2017) Android malware detection based on overlapping of static features. 7th International Conference on Computer and Knowledge Engineering (ICCKE)

  21. Vasan D, Alazab M, Wassan S, Naeem H, Safaei B, Zheng Q (2020) IMCFN: Image-Based Malware Classification using Fine-tuned Convolutional Neural Network Architecture. Comput Netw 171

  22. Shezan F H, Afroze SF, Iqbal A (2017) Vulnerability detectio n in recent Android apps: An empirical study. 2017 International Conference on Networking, Systems and Security (NSysS)

  23. Xue D, Li J, Lv T, Wu W, Wang J (2019) Malware Classification Using Probability Scoring and Machine Learning. IEEE Access 7:91641–91656

    Article  Google Scholar 

  24. Yoo S, Kim S, Kim S, Kang B B (2020) AI-hydra: Advanced hybrid approach using random forest and deep learning for malware classification. Inf Sci 546:420–435

    Article  MathSciNet  Google Scholar 

  25. Zhao Y-l, Qian Q (2018) Android Malware Identification Through Visual Exploration of Disassembly Files. Int J Netw Secur 20(6):1061–1073

  26. Han K, Kang B, Im E G (2014) Malware analysis using visualized image matrices. Sci World J:1–15

  27. Yuan B, Wang J, Liu D, Guo W, Wua P, Bao X (2020) Byte-level Malware Classification Based on Markov Images and Deep Learning. Comput Secur 92

  28. Kalash M, Rochan M, Mohammed N, Bruce NDB, Wang Y, Iqbal F (2018) Malware Classification with Deep Convolutional Neural Networks. 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Paris, pp 1–5

  29. Roseline S A, Geetha S, Kadry S, Nam Y (2020) Intelligent Vision-Based Malware Detection and Classification Using Deep Random Forest Paradigm. IEEE Access 8:206303–206324

  30. Gibert D, Mateu C, Planes J, Vicens R (2019) Using convolutional neural networks for classification of malware represented as images. J Comput Virol Hacking Techn 15(1):15–28

    Article  Google Scholar 

  31. Khan RU, Zhang X, Kumar R (2019) Analysis of ResNet and GoogleNet models for malware detection. J Comput Virol Hacking Techn 15(1):29–37

    Article  Google Scholar 

  32. Naeem H, Ullah F, Naeem M R, Khalid S, Vasan D, Jabbar S, Saeed S (2020) Malware detection in industrial internet of things based on hybrid image visualization and deep learning model. Ad Hoc Netw 10:102154

  33. Tuncer T, Ertam F, Dogan S (2021) Automated malware identification method using image descriptors and singular value decomposition. Multimed Tools Appl:1–20

  34. Çayır A, Unal U, Dağ H (2021) Random CapsNet forest model for imbalanced malware type classification task. Comput Secur 102:102133

  35. Sun G, Qian Q (2021) Deep Learning and Visualization for Identifying Malware Families. IEEE Trans Depend Sec Comput 18(1):283–295

    Article  MathSciNet  Google Scholar 

  36. Feng R, Chen S, Xie X, Meng G, Lin S-W, Liu Y (2021) A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices. IEEE Trans Inf Forensic Secur 16:1563–1578

  37. Cui Z, Xue F, Cai X, Cao Y, Wang G-g, Chen J (2018) Detection of Malicious Code Variants Based on Deep Learning. IEEE Trans Ind Inform 14(7)

  38. Portable freeware collection, https://www.portablefreeware.com/ (accessed Feb 1, 2020)

  39. Softonic, https://en.softonic.com/windows (accessed March 1, 2020)

  40. Sourceforge https://sourceforge.net/ (accessed March 1, 2020)

  41. DriverPack solution, https://drp.su/en (accessed February 18, 2020)

  42. Ronen R, Radu M, Feuerstein C, Yom-Tov E, Ahmadi M (2018) Microsoft Malware Classification Challenge, arXiv:1802.10135

  43. Yajamanam S, Selvin VRS (2018) Fabio di troia and Mark Stamp. Deep Learning versus Gist Descriptors for Image-based Malware Classification. 4th International Conference on Information Systems Security and Privacy, pp 553–561

  44. Huang G, Liu Z, van der ML, Weinberger K Q (2017) Densely connected convolutional networks 2017. IEEE conference on computer vision and pattern recognition (CVPR)

  45. Hussain M, Jordan J, Bird J J, Faria D R (2018) A Study on CNN Transfer Learning for Image Classification. Proceedings of 18th Annual UK Workshop on Computational Intelligence Nottingham

  46. Rezende E, Ruppert G, Carvalho T, Theophilo A, Ramos F, de Geus P (2018) Malicious software classification using VGG16 deep neural network’s bottleneck features. In: Information Technology-New Generations. Springer, Cham, pp 51–59

  47. Hazra A (2021) A comprehensive survey on chest diseases analysis: technique, challenges and future research directions. International Journal of Multimedia Information Retrieval

  48. Choudhary P, Hazra A (2019) Chest disease radiography in twofold: using convolutional neural networks and transfer learning. Evolving Systems

  49. C2LOP: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/C2Lop.gen!M(Accessed on 2-December,2020)

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, SCMS School of Engineering and Technology, APJ Abdul Kalam Technological University, Thiruvanthapuram, Kerala, India

    V. Anandhi & Varun G. Menon

  2. Department of Computer Applications, Cochin University of Science and Technology, Cochin, Kerala, India

    P. Vinod

Authors
  1. V. Anandhi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. P. Vinod
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Varun G. Menon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to P. Vinod.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Anandhi, V., Vinod, P. & Menon, V.G. Malware visualization and detection using DenseNets. Pers Ubiquit Comput 28, 153–169 (2024). https://doi.org/10.1007/s00779-021-01581-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00779-021-01581-w

Keywords

Search

Navigation