AI-based malware threat prediction through CNN-SVM ensemble

The dynamic terrain of malware attacks presents noteworthy obstacles to cyber security, necessitating for proactive and resilient detection techniques. Conventional signature-based methods struggle to keep pace with the new malware strains and obfuscation strategies. A systematic literature review was conducted to investigate existing methods for malware threat prediction and detection using machine learning and deep learning techniques. The review identified several promising approaches: convolutional neural networks, graph neural networks, and visual malware characterization achieving 95-99% accuracy on malware classification and detection tasks. However, major gaps were identified in the models’ generalizability across diverse malware types, robustness against evasion attempts, lack of interpretability due to the black-box nature of deep learning models, and limited evaluation on real-world emerging threats as opposed to controlled datasets. This project aimed to develop an AI-based threat predictive algorithm that leverages the power of deep learning and machine learning for effective malware detection and prediction. The suggested method utilises an ensemble approach that combines a convolutional neural network (CNN) for pattern recognition in malware code structures with a support vector machine (SVM) for robust decision boundaries in the feature space, thereby enhancing generalization, interpretability and adversarial resilience. By evaluating the model on the MalImg dataset, the system achieved 92.37% accuracy. Although the developed system exhibits optimal outcomes, several areas could use more improvement. This project contributes to the ongoing efforts in combating malware threats and highlights the potential of combining deep learning and traditional machine learning techniques for effective threat prediction and detection.

© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.