ConvNeXt_GHSA：集成混合门控注意的恶意软件图像分类

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-10-09 DOI:10.1016/j.jisa.2025.104259

Junhai Li , Yu Zhang , Yuanquan Shi , Yujun Yang

{"title":"ConvNeXt_GHSA：集成混合门控注意的恶意软件图像分类","authors":"Junhai Li , Yu Zhang , Yuanquan Shi , Yujun Yang","doi":"10.1016/j.jisa.2025.104259","DOIUrl":null,"url":null,"abstract":"<div><div>Malware classification based on image representation has emerged as an effective approach to enhancing security systems against evolving threats. However, challenges such as suboptimal feature extraction, insufficient adaptive attention fusion, and class imbalance remain unresolved. To address these issues, this paper proposes a deep learning-based classification framework named ConvNeXt_GHSA. The model is built upon a pretrained ConvNeXt backbone and incorporates a novel Gated Hybrid Self-Attention (GHSA) mechanism, which integrates channel, local, and global attention branches to capture multi-scale, discriminative features. At gating strategy is employed to adaptively fuse information from the three branches according to their contextual relevance. Additionally, Focal Loss and label smoothing are adopted during training to alleviate the impact of class imbalance and enhance minority class recognition. Experimental evaluations on three public malware image datasets—Malimg, MaleVis, and Dumpware10—demonstrate that ConvNeXt_GHSA achieves classification accuracies of 99.79%, 99.23%, and 99.78%, respectively. These results confirm the proposed model's robustness, effectiveness, and generalization ability in malware image classification tasks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104259"},"PeriodicalIF":3.7000,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"ConvNeXt_GHSA: Integrating hybrid gated attention for malware image classification\",\"authors\":\"Junhai Li , Yu Zhang , Yuanquan Shi , Yujun Yang\",\"doi\":\"10.1016/j.jisa.2025.104259\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Malware classification based on image representation has emerged as an effective approach to enhancing security systems against evolving threats. However, challenges such as suboptimal feature extraction, insufficient adaptive attention fusion, and class imbalance remain unresolved. To address these issues, this paper proposes a deep learning-based classification framework named ConvNeXt_GHSA. The model is built upon a pretrained ConvNeXt backbone and incorporates a novel Gated Hybrid Self-Attention (GHSA) mechanism, which integrates channel, local, and global attention branches to capture multi-scale, discriminative features. At gating strategy is employed to adaptively fuse information from the three branches according to their contextual relevance. Additionally, Focal Loss and label smoothing are adopted during training to alleviate the impact of class imbalance and enhance minority class recognition. Experimental evaluations on three public malware image datasets—Malimg, MaleVis, and Dumpware10—demonstrate that ConvNeXt_GHSA achieves classification accuracies of 99.79%, 99.23%, and 99.78%, respectively. These results confirm the proposed model's robustness, effectiveness, and generalization ability in malware image classification tasks.</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"94 \",\"pages\":\"Article 104259\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2025-10-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212625002960\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625002960","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

基于图像表示的恶意软件分类已经成为增强安全系统抵御不断发展的威胁的有效方法。然而，诸如次优特征提取、自适应注意力融合不足和类别不平衡等挑战仍未得到解决。为了解决这些问题，本文提出了一个基于深度学习的分类框架ConvNeXt_GHSA。该模型建立在预训练的ConvNeXt主干上，并结合了一种新型的门控混合自注意（GHSA）机制，该机制集成了通道、本地和全局注意分支，以捕获多尺度、判别特征。采用门控策略，根据上下文相关性自适应融合三个分支的信息。此外，在训练过程中采用Focal Loss和标签平滑来缓解类不平衡的影响，提高少数类的识别能力。在三个公开的恶意软件图像数据集（malimg、MaleVis和dumpware10）上的实验评估表明，ConvNeXt_GHSA的分类准确率分别达到了99.79%、99.23%和99.78%。这些结果证实了该模型在恶意软件图像分类任务中的鲁棒性、有效性和泛化能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

ConvNeXt_GHSA: Integrating hybrid gated attention for malware image classification

Malware classification based on image representation has emerged as an effective approach to enhancing security systems against evolving threats. However, challenges such as suboptimal feature extraction, insufficient adaptive attention fusion, and class imbalance remain unresolved. To address these issues, this paper proposes a deep learning-based classification framework named ConvNeXt_GHSA. The model is built upon a pretrained ConvNeXt backbone and incorporates a novel Gated Hybrid Self-Attention (GHSA) mechanism, which integrates channel, local, and global attention branches to capture multi-scale, discriminative features. At gating strategy is employed to adaptively fuse information from the three branches according to their contextual relevance. Additionally, Focal Loss and label smoothing are adopted during training to alleviate the impact of class imbalance and enhance minority class recognition. Experimental evaluations on three public malware image datasets—Malimg, MaleVis, and Dumpware10—demonstrate that ConvNeXt_GHSA achieves classification accuracies of 99.79%, 99.23%, and 99.78%, respectively. These results confirm the proposed model's robustness, effectiveness, and generalization ability in malware image classification tasks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.