Radon transform based malware classification in cyber-physical system using deep learning

Abstract

The development of cyber-physical systems entails the growth and diversity of malware, which increases the scale of cybersecurity threats. Attackers use malicious software to compromise various components of cyber-physical systems. Existing technologies make it possible to reduce the risk of malware infection using vulnerability and intrusion scanners, network analyzers, and other tools. However, there is no perfect protection against the increasingly sophisticated types of malware. The goal of this research is to solve this problem by combining different visual representations of malware and detection models based on transfer learning. This method considers two pre-trained deep neural network models (AlexNet and MobileNet) that are capable of differentiating various malware families using grayscale images. Radon transform is applied to the resulting grayscale malware images to improve the classification accuracy of the new malware binaries. The proposed model is evaluated using three datasets (Microsoft Malware Classification, IoT_Malware and MalNet-Image datasets). The results show the superiority of the proposed model based on transfer learning over other methods in terms of the efficiency of classifying malware families aimed at infecting cyber-physical systems.