Vol. 1 No. 1 (2021): Journal of Millimeterwave Communication, Optimization and Modelling

Visual Malware Detection by Deep Learning Techniques in Windows System

Hussein Almusawi
Phd Candidate
JOMCOM Journal Cover

Published 07.11.2021


  • Malware,
  • Convulational Neural Network,
  • Deep Learning,
  • Malware Image


The number of malware is increasing dramatically day by day with the development of modern technologies such as the Internet and electronic banks, so we need advanced technology to detect this malicious software more effective than anti-virus programs that rely on the signature of malicious software, which has proven its failure in some cases. In this study, the deep learning technique which is one of the branches of artificial intelligence through Convolutional Neural Network (CNN) has been proposed and applied to dataset called Malimg which consist of 25 families and 9339 samples of malware gray scale images and these images converted from malware binary files. The result of our method has proven its efficiency by obtaining an accuracy of 96.76% in malware detection.



  1. AV-TEST, “Last 10 years malware statistics.” https://www.av-test.org/en/statistics/malware/ (accessed May 13, 2021).
  2. Symantic, “Internet Security Threat Report 2016.” https://docs.broadcom.com/doc/istr-21-2016-en (accessed Apr. 30, 2021).
  3. A. Liptak, “The WannaCry ransomware attack has spread to 150 countries.” https://www.theverge.com/2017/5/14/15637888/authorities-wannacry-ransomware-attack-spread-150-countries (accessed May 01, 2021).
  4. A. Patil and M. Rane, “Convolutional Neural Networks: An Overview and Its Applications in Pattern Recognition,” Smart Innov. Syst. Technol., vol. 195, pp. 21–30, 2021, doi: 10.1007/978-981-15-7078-0_3.
  5. S. Choi, S. Jang, Y. Kim, and J. Kim, “Malware detection using malware image and deep learning,” in 2017 International Conference on Information and Communication Technology Convergence (ICTC), 2017, pp. 1193–1195.
  6. N. Idika and A. P. Mathur, “A Survey of Malware Detection Techniques,” SERC Tech. Reports, no. October, 2007, [Online]. Available: http://www.serc.net/report/tr286.pdf.
  7. Y. Liu and Y. Wang, “A robust malware detection system using deep learning on API calls,” Proc. 2019 IEEE 3rd Inf. Technol. Networking, Electron. Autom. Control Conf. ITNEC 2019, no. Itnec, pp. 1456–1460, 2019, doi: 10.1109/ITNEC.2019.8728992.
  8. F. D. Q. Ghdo, Z. Odujh, and V. Uhfrjqlwlrq, “Identification of malicious code variants based on image visualization,” no. 978, pp. 581–585, 2020.
  9. G. Sun and Q. Qian, “Deep Learning and Visualization for Identifying Malware Families,” IEEE Trans. Dependable Secur. Comput., vol. 18, no. 1, pp. 283–295, 2021, doi: 10.1109/TDSC.2018.2884928.
  10. J. Hemalatha, S. A. Roseline, S. Geetha, S. Kadry, and R. Damaševičius, “An Efficient DenseNet-Based Deep Learning Model for Malware Detection,” Entropy, vol. 23, no. 3, p. 344, 2021, doi: 10.3390/e23030344.
  11. M. Jain, W. Andreopoulos, and M. Stamp, “Convolutional neural networks and extreme learning machines for malware classification,” J. Comput. Virol. Hacking Tech., vol. 16, no. 3, pp. 229–244, 2020, doi: 10.1007/s11416-020-00354-y.
  12. N. A. Azeez, O. E. Odufuwa, S. Misra, J. Oluranti, and R. Damaševičius, “Windows PE Malware Detection Using Ensemble Learning,” Informatics, vol. 8, no. 1, p. 10, 2021, doi: 10.3390/informatics8010010.
  13. M. G. Schultz, E. Eskin, E. Zadok, and S. J. Stolfo, “Data mining methods for detection of new malicious executables,” Proc. IEEE Comput. Soc. Symp. Res. Secur. Priv., pp. 38–49, 2001, doi: 10.1109/secpri.2001.924286.
  14. R. Tian, L. M. Batten, and S. C. Versteeg, “Function length as a tool for malware classification,” 3rd Int. Conf. Malicious Unwanted Software, MALWARE 2008, pp. 69–76, 2008, doi: 10.1109/MALWARE.2008.4690860.
  15. D. Kong and G. Yan, “Discriminant malware distance learning on structural information for automated malware classification,” Proc. ACM SIGKDD Int. Conf. Knowl. Discov. Data Min., vol. Part F1288, pp. 1357–1365, 2013, doi: 10.1145/2487575.2488219.
  16. U. Bayer, C. Kruegel, and E. Kirda, “TTAnalyze: A tool for analyzing malware,” 15th Ann. Conf. Eur. Inst. Comput. Antivirus Res., pp. 180–192, 2006, [Online]. Available: https://www.auto.tuwien.ac.at/~chris/research/doc/eicar06_ttanalyze.pdf.
  17. G. Willems, T. Holz, and F. Freiling, “Toward automated dynamic malware analysis using CWSandbox,” IEEE Secur. Priv., vol. 5, no. 2, pp. 32–39, 2007, doi: 10.1109/MSP.2007.45.
  18. J. Zico Kolter and M. A. Maloof, “Learning to detect and classify malicious executables in the wild,” J. Mach. Learn. Res., vol. 7, pp. 2721–2744, 2006.
  19. B. Anderson, D. Quist, J. Neil, C. Storlie, and T. Lane, “Graph-based malware detection using dynamic analysis,” J. Comput. Virol., vol. 7, no. 4, pp. 247–258, 2011, doi: 10.1007/s11416-011-0152-x.
  20. L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath, “Malware images: Visualization and automatic classification,” ACM Int. Conf. Proceeding Ser., no. July, 2011, doi: 10.1145/2016904.2016908.
  21. A. Makandar and A. Patrot, “Malware class recognition using image processing techniques,” 2017 Int. Conf. Data Manag. Anal. Innov. ICDMAI 2017, pp. 76–80, 2017, doi: 10.1109/ICDMAI.2017.8073489.
  22. T. Wang and N. Xu, “Malware variants detection based on opcode image recognition in small training set,” 2017 2nd IEEE Int. Conf. Cloud Comput. Big Data Anal. ICCCBDA 2017, pp. 328–332, 2017, doi: 10.1109/ICCCBDA.2017.7951933.
  23. J. Fan, C. Ma, and Y. Zhong, “A selective overview of deep learning,” arXiv Prepr. arXiv1904.05526, 2019.
  24. C. C. Aggarwal, “Neural networks and deep learning,” Springer, vol. 10, pp. 973–978, 2018.
  25. B. B. Traore, B. Kamsu-Foguem, and F. Tangara, “Deep convolution neural network for image recognition,” Ecol. Inform., vol. 48, pp. 257–268, 2018.
  26. Y. LeCun, Y. Bengio, and G. Hinton, “Deep learning,” Nature, vol. 521, no. 7553, pp. 436–444, 2015.
  27. P. Kim, MATLAB Deep Learning: With Machine Learning, Neural Networks and Artificial Intelligence. 2017.