Journal article 41 views 15 downloads
Cyber-Threat Detection System Using a Hybrid Approach of Transfer Learning and Multi-Model Image Representation
Sensors, Volume: 22, Issue: 15, Start page: 5883
Swansea University Author: Cheng Cheng
-
PDF | Version of Record
© 2022 by the authors. This is an open access article distributed under the terms of the Creative Commons Attribution (CC BY) license.
Download (7.21MB)
DOI (Published version): 10.3390/s22155883
Abstract
Currently, Android apps are easily targeted by malicious network traffic because of their constant network access. These threats have the potential to steal vital information and disrupt the commerce, social system, and banking markets. In this paper, we present a malware detection system based on w...
Published in: | Sensors |
---|---|
ISSN: | 1424-8220 |
Published: |
MDPI AG
2022
|
Online Access: |
Check full text
|
URI: | https://cronfa.swan.ac.uk/Record/cronfa67671 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Abstract: |
Currently, Android apps are easily targeted by malicious network traffic because of their constant network access. These threats have the potential to steal vital information and disrupt the commerce, social system, and banking markets. In this paper, we present a malware detection system based on word2vec-based transfer learning and multi-model image representation. The proposed method combines the textual and texture features of network traffic to leverage the advantages of both types. Initially, the transfer learning method is used to extract trained vocab from network traffic. Then, the malware-to-image algorithm visualizes network bytes for visual analysis of data traffic. Next, the texture features are extracted from malware images using a combination of scale-invariant feature transforms (SIFTs) and oriented fast and rotated brief transforms (ORBs). Moreover, a convolutional neural network (CNN) is designed to extract deep features from a set of trained vocab and texture features. Finally, an ensemble model is designed to classify and detect malware based on the combination of textual and texture features. The proposed method is tested using two standard datasets, CIC-AAGM2017 and CICMalDroid 2020, which comprise a total of 10.2K malware and 3.2K benign samples. Furthermore, an explainable AI experiment is performed to interpret the proposed approach. |
---|---|
Keywords: |
malware detection; malware visualization; transfer learning; network traffic; explainable AI; cyber security |
College: |
Faculty of Science and Engineering |
Funders: |
This research received no external funding. |
Issue: |
15 |
Start Page: |
5883 |