Image-Based Malware Detection Using α-Cuts and Binary Visualisation





Abstract

Image conversion of malicious binaries, or binary visualisation, is a relevant approach in the security community. Recently, it has exceeded the role of a single-file malware analysis tool and has become a part of Intrusion Detection Systems (IDSs) thanks to the adoption of Convolutional Neural Networks (CNNs). However, there has been little effort toward image segmentation for the converted images. In this study, we propose a novel method that serves a dual purpose: (a) it enhances colour and pattern segmentation, and (b) it achieves a sparse representation of the images. To this end, we considered the R, G, and B colour values of each pixel as respective fuzzy sets. We then performed α-cuts as a defuzzification method across all pixels of the image, which converted them to sparse matrices of 0s and 1s. Our method was tested on a variety of dataset sizes and evaluated according to the detection rates of hyperparameterised ResNet50 models. Our findings demonstrated that for larger datasets, sparse representations of intelligently coloured binary images can exceed the model performance of unprocessed ones, with 93.60% accuracy, 94.48% precision, 92.60% recall, and 93.53% f-score. This is the first time that α-cuts were used in image processing, and according to our results, we believe that they provide an important contribution to image processing for challenging datasets. Overall, the results show that the method can become an integrated component of image-based IDS operations and other demanding real-time practices.

Key Questions

What is the focus of the study?

The study focuses on enhancing image-based malware detection by applying α-cuts to binary visualizations of malicious binaries, aiming to improve color and pattern segmentation and achieve sparse image representations.

How are α-cuts utilized in this research?

In this research, the R, G, and B color values of each pixel are considered as respective fuzzy sets. α-cuts are then applied as a defuzzification method across all pixels, converting them into sparse matrices of 0s and 1s, thereby enhancing color and pattern segmentation.
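The following sketch is an added example, not code from the study: it packs a byte string into RGB pixels and applies an α-cut to each channel, producing three 0/1 planes. The byte-to-pixel mapping (`bytes_to_rgb`), the membership function (channel value divided by 255), the α values, and the sample bytes are all assumptions made for illustration; the page does not specify them.

```python
# Added illustration. The pixel mapping, the membership function v/255 and
# the alpha values are assumptions, not details taken from the study.

def bytes_to_rgb(data: bytes, width: int):
    """Pack consecutive byte triples into (R, G, B) pixels, row by row.

    The tail is zero-padded so every pixel and every row is complete.
    """
    padded = data + b"\x00" * (-len(data) % 3)
    pixels = [tuple(padded[i:i + 3]) for i in range(0, len(padded), 3)]
    pixels += [(0, 0, 0)] * (-len(pixels) % width)
    return [pixels[i:i + width] for i in range(0, len(pixels), width)]


def alpha_cut(image, alpha: float):
    """Return [R, G, B] binary planes for one image.

    Each channel value v is read as a fuzzy membership degree v/255.
    The alpha-cut keeps (as 1) every cell whose degree is >= alpha and
    zeroes the rest, which is what makes the planes sparse.
    """
    if not 0.0 < alpha <= 1.0:
        raise ValueError("alpha must be in (0, 1]")
    return [
        [[1 if px[ch] / 255 >= alpha else 0 for px in row] for row in image]
        for ch in range(3)
    ]


def nonzero_cells(plane) -> int:
    """Count the 1s in a binary plane (lower means sparser)."""
    return sum(cell for row in plane for cell in row)


# Constructed sample bytes, not taken from any real binary.
SAMPLE = bytes([0x4D, 0x5A, 0x90, 0x00, 0xFF, 0xE8, 0x10,
                0x80, 0x7F, 0xC3, 0x00, 0x00, 0xCC])

if __name__ == "__main__":
    image = bytes_to_rgb(SAMPLE, width=2)
    for name, plane in zip("RGB", alpha_cut(image, alpha=0.5)):
        print(name, plane, "non-zero:", nonzero_cells(plane))
```

Raising α keeps fewer cells, so the planes become sparser at the cost of discarding lower-intensity structure.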

What methodology was used to evaluate the proposed approach?

The proposed method was tested on various dataset sizes and evaluated using hyperparameterized ResNet50 models. The performance metrics included accuracy, precision, recall, and f-score to assess the effectiveness of the approach.

What were the key findings of the study?

The study found that for larger datasets, the sparse representations of intelligently colored binary images achieved through α-cuts can surpass the performance of unprocessed images. Specifically, the method achieved 93.60% accuracy, 94.48% precision, 92.60% recall, and a 93.53% f-score.

What is the significance of this research in the field of image processing?

This research is significant as it is the first to apply α-cuts in image processing for malware detection. The findings suggest that α-cuts provide an important contribution to handling challenging datasets and can be integrated into image-based Intrusion Detection Systems (IDS) and other demanding real-time applications.