Image-based malware representation approach with EfficientNet convolutional neural networks for effective malware classification

Abstract

The targeted malware attacks are usually created by few crime groups. They may essentially use their existing malware sample malicious code to rebuild the variants for sophistication and evade the malware detection. This trend emphasizes the importance of performing the malware family classification for applying the effective malware mitigation and prevention strategies. In this paper, we propose an efficient neural network model EfficientNetB1 to perform the malware family classification using the malware byte level image representation technique. To alleviate the computation resource consumption caused by deep learning (DL) models training and testing the various Convolutional Neural Network (CNN) based models, we have performed the performance and computational efficiency evaluation of the various CNN pretrained models to select the best CNN network architecture for malware classification. Additionally, the CNN pretrained models are evaluated against the different types of malware image representation methods, which are distinguished based on selection of the image width size. Our evaluation of the proposed model EfficientNetB1 shows that it has achieved an accuracy of 99% to classify the Microsoft Malware Classification Challenge (MMCC) malware classes using the malware image representation with fixed image width and also require fewer network parameters compared to other pretrained models to achieve the performance accuracy. Furthermore, various visualization techniques were used to compare the performances of the various CNN pretrained models.