With the exponential growth in the quantity and complexity of malware, traditional detection methods face severe challenges. This paper proposes GCSA-ResNet, a novel deep learning model that significantly enhances malware detection performance by integrating the Global Channel-Spatial Attention (GCSA) module with ResNet-50. The core innovation lies in the GCSA module, which for the first time collaboratively designs channel attention, channel shuffling, and spatial attention mechanisms to simultaneously capture local texture features and global dependency relationships in visualized malware images. Compared with existing attention models such as SE and CBAM, GCSA strengthens cross-channel information interaction through channel shuffling operations and employs spatial attention with a 7 × 7 convolutional kernel to more effectively model long-range spatial correlations. Experiments on the Malimg and Microsoft BIG 2015 datasets demonstrate that GCSA-ResNet achieves over 98.50% accuracy, representing a performance improvement of more than 0.5% compared to baseline models. Quantitative results show that the model maintains stable performance in precision, recall, and F1-score, while reducing false positive rates by 40-50%. These advancements effectively address the limitations of existing methods in feature degradation and cross-family misclassification.
| Download full-text PDF | Source |
|---|---|
| http://www.ncbi.nlm.nih.gov/pmc/articles/PMC12230128 | PMC |
| http://dx.doi.org/10.1038/s41598-025-10561-6 | DOI Listing |
PLoS One
September 2025
Department of Computer Science, College of Engineering and Computer Science, Jazan University, Jazan, Kingdom of Saudi Arabia.
Malware classification is a challenging task due to the constantly evolving nature of malicious software. Traditional signature-based methods and static analysis often fail to detect sophisticated threats, making behavior-based analysis crucial. This study proposes a malware detection model that analyzes the behavior of executable files (.
With the widespread adoption of internet technologies and email communication systems, the exponential growth in email usage has precipitated a corresponding surge in spam proliferation. These unsolicited messages not only consume users' valuable time through information overload but also pose significant cybersecurity threats through malware distribution and phishing schemes, thereby jeopardizing both digital security and user experience. This emerging challenge underscores the critical importance of developing effective spam detection mechanisms as a cornerstone of modern cybersecurity infrastructure.
Sci Rep
September 2025
School of Computing, Mathematics and Engineering, Charles Sturt University, Bathurst, NSW, 2795, Australia.
The increasing frequency of ransomware attacks necessitates the development of more effective detection methods. Existing image-based ransomware detection approaches have largely focused on static analysis, overlooking specialized ransomware behaviors such as encryption, privilege escalation, and system recovery disruption. Although dynamic and memory forensics-based visualization methods exist in the broader malware domain, they primarily target generic malware families and often rely on memory dumps or system snapshots without transforming behavioral features into spatially meaningful representations.
Sensors (Basel)
August 2025
Information System Department, King Saud University, Riyadh 11451, Saudi Arabia.
Small and medium-sized enterprises (SMEs) are increasingly targeted by cyber threats but often lack the financial and technical resources to implement advanced security systems. This paper presents HoneyLite, a lightweight and dynamic honeypot-based security solution specifically designed to meet the constraints and cybersecurity needs of SMEs. Unlike traditional honeypots, HoneyLite integrates real-time network traffic analysis with automated malware detection via the VirusTotal API, enabling it to identify a wide range of cyber threats, including TCP scans, FTP/SSH intrusions, ICMP flood attacks, and malicious file uploads.
Sci Rep
August 2025
Computer Engineering Department, Umm Al-Qura University, 24381, Mecca, Saudi Arabia.
This paper proposes a scalable and autonomous malware detection and defence architecture in software-defined networks (SDNs) that employs federated learning (FL). This architecture combines SDN's centralized management of potentially significant data streams with FL's decentralized, privacy-preserving learning capabilities in a distributed manner adaptable to varying time and space constraints. This enables a flexible, adaptive design and prevention approach in large-scale, heterogeneous networks.