Cyber-threat detection system using a hybrid approach of transfer learning and multi-model image representation
Ullah, Farhan ORCID: https://orcid.org/0000-0002-1030-1275, Ullah, Shamsher, Naeem, Muhammad Rashid, Mostarda, Leonardo, Rho, Seungmin and Cheng, Xiaochun ORCID: https://orcid.org/0000-0003-0371-9646 (2022) Cyber-threat detection system using a hybrid approach of transfer learning and multi-model image representation. Sensors, 22 (15), e5883. pp. 1-26. ISSN 1424-8220 [Article] (doi:10.3390/s22155883)
PDF - Published version (with publisher's formatting). Available under License Creative Commons Attribution 4.0.
Abstract
Currently, Android apps are easily targeted by malicious network traffic because of their constant network access. These threats have the potential to steal vital information and disrupt the commerce, social system, and banking markets. In this paper, we present a malware detection system based on word2vec-based transfer learning and multi-model image representation. The proposed method combines the textual and texture features of network traffic to leverage the advantages of both types. Initially, the transfer learning method is used to extract trained vocab from network traffic. Then, the malware-to-image algorithm visualizes network bytes for visual analysis of data traffic. Next, the texture features are extracted from malware images using a combination of scale-invariant feature transforms (SIFTs) and oriented fast and rotated brief transforms (ORBs). Moreover, a convolutional neural network (CNN) is designed to extract deep features from a set of trained vocab and texture features. Finally, an ensemble model is designed to classify and detect malware based on the combination of textual and texture features. The proposed method is tested using two standard datasets, CIC-AAGM2017 and CICMalDroid 2020, which comprise a total of 10.2K malware and 3.2K benign samples. Furthermore, an explainable AI experiment is performed to interpret the proposed approach.
Item Type: | Article |
---|---|
Additional Information: | This article belongs to the Special Issue Cybersecurity Issues in Smart Grids and Future Power Systems |
Keywords (uncontrolled): | malware detection, malware visualization, transfer learning, network traffic, explainable AI, cyber security |
Research Areas: | A. > School of Science and Technology > Computer Science |
Item ID: | 35533 |
Notes on copyright: | Copyright: © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0) |
Depositing User: | Jisc Publications Router |
Date Deposited: | 09 Aug 2022 08:11 |
Last Modified: | 01 Sep 2022 14:56 |
URI: | https://eprints.mdx.ac.uk/id/eprint/35533 |