Adaptive malware identification via integrated SimCLR and GRU networks.

Detailed bibliography
Title: Adaptive malware identification via integrated SimCLR and GRU networks.
Authors: Alsubaei, Faisal S.; Almazroi, Abdulwahab Ali; Atwa, Walid Said; Almazroi, Abdulaleem Ali; Ayub, Nasir; Jhanjhi, N. Z.
Source: Scientific Reports; 7/13/2025, Vol. 15 Issue 1, p1-18, 18p
Subjects: MALWARE, DEEP learning, INTERNET security, REAL-time computing, MACHINE learning, GRAPH neural networks, FEATURE extraction, RECURRENT neural networks
Abstract: Malware has become a big issue for digital infrastructure with the growing complexity and frequency of intrusions; it usually avoids conventional detection systems via obfuscation and dynamic behaviour patterns. Existing methods, particularly those relying on signature-based techniques, struggle to detect emerging threats, leading to significant vulnerabilities in enterprise and institutional environments. This study aims to develop an adaptive and efficient malware detection framework that addresses these limitations while supporting real-time analysis. To this end, we introduce SimCLR-GRU, a novel ensemble architecture that integrates SimCLR-based contrastive learning for feature extraction and a GRU module to capture sequential behavioural patterns. The framework also incorporates graph neural network (GNN)-based feature selection to reduce redundancy and optimise Fish School Search (FSS) to fine-tune key hyperparameters for improved learning performance. Experiments using a comprehensive Portable Executable (PE) malware dataset show that SimCLR-GRU achieves a classification accuracy of 99%, exceeding many baseline models with a 15% increase. An AUC of 98.2%, an F1-score of 96.8%, and a false positive rate of only 0.02% underline the model's generalizability, accuracy, and resilience. Moreover, the low inference latency of the model qualifies for implementation in real-time and resource-limited surroundings. SimCLR-GRU provides a scalable and decisive answer to modern cyberspace's changing malware detection problem. [ABSTRACT FROM AUTHOR]
Copyright of Scientific Reports is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
ISSN: 20452322
DOI: 10.1038/s41598-025-08556-4