Employing Incremental Learning for the Detection of Multiclass New Malware Variants

Abstract

Background/Objectives: The study aims to achieve two main objectives. The first is to reliably identify and categorize malware variations to maintain the security of computer systems. Malware poses a continuous threat to digital information and system integrity, hence the need for effective detection tools. The second objective is to propose a new incremental learning method. This method is designed to adapt over time, continually incorporating new data, which is crucial for identifying and managing multiclass malware variants. Methods: This study utilised an incremental learning technique as the basis of the approach, a type of machine learning whereby a system retains previous knowledge and builds upon the information from the newly acquired data. Particularly, this method is suitable for tackling mutating character of malware dangers. The researchers used various sets of actual world malwares for evaluating the applicability of these ideas which serves as an accurate test environment. Findings: The findings of the research are significant. We utilizing 6 different datasets, which included 158,101 benign and malicious instances, the method demonstrated a high attack detection accuracy of 99.34%. Moreover, the study was successful in identifying a new category of malware variants and distinguishing between 15 different attack categories. These results underscore the effectiveness of the proposed incremental learning method in a real-world scenario. Novelty: This research is unique because of the novel use of a tailored incremental learning technique for dealing with dynamic threat environment of malwares. However, with a new threat they cannot be so well adapted using traditional machine learning methods. On the other hand, the technique put forward in this paper facilitates continuous learning that can be modified to match different types of malicious software as they develop. The ability to evolve and adapt is an important addition to current cybersecurity practices that include malware identification and classification. Keywords: Cybersecurity, Malware Detection, Incremental learning