Meta-HFMD: A Hierarchical Feature Fusion Malware Detection Framework via Multi-task Meta-learning

With the proliferation of malware, malware detection techniques have become more critical to protect the security and privacy of users. While existing malware detection techniques have achieved superior accuracy and detection rates, most of these techniques require a large number of labeled samples for training. In general, assembling a large amount of reliable data is still expensive, time-consuming, and even impossible. These malware detection techniques do not achieve good results on a small number of labeled samples and do not have the capability to detect new or variant malware. Therefore, it is necessary to investigate solutions for detecting malware in the few-shot scenario. This paper proposes a hierarchical feature fusion malware detection framework based on multi-task meta-learning, namely Meta-HFMD. The proposed framework first adopts a hierarchical feature fusion approach to learn hierarchical spatial traffic features from packet-level and flow-level. Then, it constructs an efficient multi-task malware detection model based on model-agnostic meta-learning (MAML), which can detect malware with tiny labeled samples. Experimental results demonstrate that Meta-HFMD achieves satisfactory results in the few-shot malware detection task, both in single-platform and cross-platform environments, and its performance metrics outperform other baseline models.