Rapid and accurate identification of unknown malware and its variants is the basis for effective prevention of malicious attacks. However, with the explosive growth of malware variants, manually updating the sample database is becoming increasingly inefficient. Traditional identification methods, which rely only on delayed database information, struggle to capture the feature information of samples that have been processed with obfuscation methods. Research on malware detection aims to overcome the limitations of conventional detection methods and explores the application of technologies such as data visualization, machine learning, and hybrid detection. Through these investigations, our goal is to construct a detection system that is both more precise and more efficient, capable of addressing the ever-evolving threats to cybersecurity. Research in this direction is vital for enhancing network security defenses and safeguarding user data, and it will also advance related state-of-the-art technologies and further mitigate the economic and societal repercussions of malware attacks. To address this issue, this paper proposes Image-based Malware Classification with Multi-scale Kernels (IMCMK), a Convolutional Neural Network (CNN) architecture that mixes multi-scale convolution kernels to improve the detection of malware variants. First, we propose the Multi-scale Kernels (MK) block, which combines deep large-kernel convolution and standard small-kernel convolution with shortcuts to improve accuracy. Furthermore, we propose Multi-scale Kernel Fusion (MKF) to reduce the number of parameters introduced by the large kernels. An improved Squeeze-and-Excitation (SE) block captures the correlation between different channels to further increase model performance. Experimental results show that IMCMK outperforms state-of-the-art methods in malware family classification, achieving an accuracy of 99.25%.