Data-Driven Malware Detection for 6G Networks: A Survey From the Perspective of Continuous Learning and Explainability via Visualisation

Abstract

5G is inherently prone to security vulnerabilities. We witness that many today's networks contain 5G security flaws due to their reliance on the existing 4G network core. A lack of security standards for 5G IoT devices means network breaches and malware threats might run uncontrolled. The future 6G network is predicted to be implemented with artificial intelligence-driven communication via machine learning, enhanced edge computing, post-quantum cryptography and so forth. With the activation of edge computing, the computing power available at supercomputing servers is to be integrated directly into the devices at the entry point of a network in a distributed manner ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">e.g.</i> , antennas, routers, IoT sensors, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">etc</i> ). This feature brings an equal quality of service everywhere including remote regions ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">a.k.a</i> service everywhere) which will trigger an exponential growth of associated applications. In this intricate environment, malware attacks are becoming more challenging to detect. This paper thus reviews the theoretical and experimental data-driven malware detection literature, in the large-scale data-intensive field, relating to: (1) continuous learning, including new concepts in multi-domain to multi-target learning and the challenges associated with unseen/unknown data, imbalance data and data scarcity, and (2) new explainability via visualisation concepts with a multi-labelling approach which allows identifying malware by their recipes while improving the interpretability of its decision process.