Visualization Approach for Malware Classification with ResNeXt

The Internet has resulted in cyber-threats and cyber-crimes, which can occur anywhere at any time. Among various cyber threats, modern malware with applied metamorphosis and polymorphic technology is a concern as it can proliferate to advanced variants from its original shape. The typical malware analysis methods, including signature-based approach, remain vulnerable to such advanced variants. This paper proposes a visualization-based approach for malware analysis using the state-of-the-art Convolution Neural Network (CNN) model such as ResNeXt, which had achieved outstanding performance in image classifications with competitive computational complexity. The proposed method transforms the attributes of raw malware binary executable files to greyscale images for further analysis by well-established deep learning models. The greyscale images, which result of data transformation for visualization, are classified using ResNeXt. The experiment results show that the proposed solution achieves 98.32% and 98.86% of accuracy in malware classification on Malimg dataset and modified Malimg dataset, respectively. The proposed method outperforms other comparable methods in terms of classification accuracy and requires similar level of computational power.