Malware image classification: comparative analysis of a fine-tuned CNN and pre-trained models

Q2 Computer Science

International Journal of Computers and Applications Pub Date : 2023-11-02 DOI:10.1080/1206212x.2023.2270804

Santosh Kumar Majhi, Abhipsa Panda, Suresh Kumar Srichandan, Usha Desai, Biswaranjan Acharya

{"title":"Malware image classification: comparative analysis of a fine-tuned CNN and pre-trained models","authors":"Santosh Kumar Majhi, Abhipsa Panda, Suresh Kumar Srichandan, Usha Desai, Biswaranjan Acharya","doi":"10.1080/1206212x.2023.2270804","DOIUrl":null,"url":null,"abstract":"AbstractA crucial part is played by malware detection and classification in ensuring the safety and security of computer systems. In this work, a comprehensive study has been presented for the classification of harmful or malware images that uses a Convolutional Neural Network (CNN) which has been finely tuned and its performance has been compared with five pre-trained models: ResNet50, InceptionResNetV2, VGG16, Xception and InceptionV3. The suggested CNN framework has been trained using the dataset MalImg_9010, consisting of 9,376 grayscale images resized to 128 × 128 pixels. The models have been evaluated based on their F1 score, recall, precision, and accuracy. The experiments that were conducted demonstrate that the fine-tuned CNN model achieves an impressive 0.965 as the F1 score and a 95.57% accuracy. Furthermore, the comparison with pre-trained models reveals the dominance of the presented framework concerning the F1 score and accuracy. The output of the conducted simulation suggests that the fine-tuned CNN approach shows promise for accurate malware image classification. Additionally, the paper discusses potential improvements, such as increasing the number of training epochs and incorporating larger and more diverse malware datasets, including RGB images and a broader range of malware families. The current research article gives valuable observations on various models’ effectiveness for classifying malware images and highlights the future scopes for research incorporating this domain.KEYWORDS: Malware image classificationdata privacydata protectionartificial intelligencedeep learning Disclosure statementThe authors declare that they have no known competing financial or personal relationships that could be viewed as influencing the work reported in this paper. On behalf of all authors, the corresponding author states that there is no conflict of interest.","PeriodicalId":39673,"journal":{"name":"International Journal of Computers and Applications","volume":"78 4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computers and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/1206212x.2023.2270804","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

Abstract

AbstractA crucial part is played by malware detection and classification in ensuring the safety and security of computer systems. In this work, a comprehensive study has been presented for the classification of harmful or malware images that uses a Convolutional Neural Network (CNN) which has been finely tuned and its performance has been compared with five pre-trained models: ResNet50, InceptionResNetV2, VGG16, Xception and InceptionV3. The suggested CNN framework has been trained using the dataset MalImg_9010, consisting of 9,376 grayscale images resized to 128 × 128 pixels. The models have been evaluated based on their F1 score, recall, precision, and accuracy. The experiments that were conducted demonstrate that the fine-tuned CNN model achieves an impressive 0.965 as the F1 score and a 95.57% accuracy. Furthermore, the comparison with pre-trained models reveals the dominance of the presented framework concerning the F1 score and accuracy. The output of the conducted simulation suggests that the fine-tuned CNN approach shows promise for accurate malware image classification. Additionally, the paper discusses potential improvements, such as increasing the number of training epochs and incorporating larger and more diverse malware datasets, including RGB images and a broader range of malware families. The current research article gives valuable observations on various models’ effectiveness for classifying malware images and highlights the future scopes for research incorporating this domain.KEYWORDS: Malware image classificationdata privacydata protectionartificial intelligencedeep learning Disclosure statementThe authors declare that they have no known competing financial or personal relationships that could be viewed as influencing the work reported in this paper. On behalf of all authors, the corresponding author states that there is no conflict of interest.

查看原文本刊更多论文

恶意软件图像分类:一个微调CNN和预训练模型的比较分析

摘要恶意软件的检测与分类是保障计算机系统安全的重要环节。在这项工作中，使用卷积神经网络(CNN)对有害或恶意图像进行了全面的分类研究，该网络经过精细调整，并将其性能与五个预训练模型(ResNet50, InceptionResNetV2, VGG16, Xception和InceptionV3)进行了比较。建议的CNN框架使用数据集MalImg_9010进行训练，该数据集由9,376张灰度图像组成，大小调整为128 × 128像素。这些模型已经根据它们的F1分数、召回率、精度和准确性进行了评估。实验表明，微调后的CNN模型F1得分达到了惊人的0.965，准确率达到了95.57%。此外，与预训练模型的比较揭示了所提出的框架在F1分数和准确性方面的优势。模拟结果表明，经过微调的CNN方法有望实现准确的恶意软件图像分类。此外，本文还讨论了潜在的改进，例如增加训练时代的数量，并纳入更大、更多样化的恶意软件数据集，包括RGB图像和更广泛的恶意软件家族。目前的研究文章对各种模型对恶意软件图像分类的有效性进行了有价值的观察，并强调了纳入该领域的未来研究范围。关键词:恶意软件图像分类数据隐私数据保护人工智能深度学习披露声明作者声明他们没有已知的竞争财务或个人关系，这些关系可能被视为影响本文所报道的工作。通讯作者代表所有作者声明不存在利益冲突。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Computers and Applications Computer Science-Computer Graphics and Computer-Aided Design

CiteScore

4.70

自引率

0.00%

发文量

期刊介绍： The International Journal of Computers and Applications (IJCA) is a unique platform for publishing novel ideas, research outcomes and fundamental advances in all aspects of Computer Science, Computer Engineering, and Computer Applications. This is a peer-reviewed international journal with a vision to provide the academic and industrial community a platform for presenting original research ideas and applications. IJCA welcomes four special types of papers in addition to the regular research papers within its scope: (a) Papers for which all results could be easily reproducible. For such papers, the authors will be asked to upload "instructions for reproduction'''', possibly with the source codes or stable URLs (from where the codes could be downloaded). (b) Papers with negative results. For such papers, the experimental setting and negative results must be presented in detail. Also, why the negative results are important for the research community must be explained clearly. The rationale behind this kind of paper is that this would help researchers choose the correct approaches to solve problems and avoid the (already worked out) failed approaches. (c) Detailed report, case study and literature review articles about innovative software / hardware, new technology, high impact computer applications and future development with sufficient background and subject coverage. (d) Special issue papers focussing on a particular theme with significant importance or papers selected from a relevant conference with sufficient improvement and new material to differentiate from the papers published in a conference proceedings.