CNN-Based Malware Family Classification and Evaluation

Due to the diversity of malware types and families and the rapid increase of malware attacks, there is a need to develop a way to find and categorize the malware to its families. Traditional malware classification techniques depend on malware signatures, which are known to be associated with certain malware families or variants. However, the rapid increase of new malware variants with unknown signatures makes malware classification challenging. We proposed a convolutional neural network (CNN) architecture to classify malware to their corresponding families. In our work, we propose a simple three-layer CNN to classify images of malware to their corresponding families. Additionally, we compare our proposed architecture to two slandard CNN architectures: AlexNet and ResNet Our proposed architecture achieves an accuracy nf about 97.81%, compared to 92.08% and 96.77% for AlexNet and ResNet, respectively. The proposed architecture was evaluated using the publicly available Malimg dataset, which contains over 9000 images divided into 25 families. Streamlit is employed to deploy our model. The next step involves researching how to convert various types of malwares into images, which will be fitted into our model to classify them into one of our 25 families. To make this project encompasses the entire process from a benign file to deployment.