ViTGuard: a synergistic approach to malware detection using vision transformers and genetic algorithms optimization

ViTGuard: a synergistic approach to malware detection using vision transformers and genetic algorithms optimization

연구 분야: Safety

학회: Pattern Analysis and Applications

In the realm of cybersecurity, malware detection stands at the forefront of defense against malicious software. This study introduces an innovative strategy to tackle the ever-evolving cyber threats that characterize the current landscape, transcending traditional methodologies. We present a hybridized approach that combines the advanced capabilities of Vision Transformer (ViT) model, genetic algorithms, and cutting-edge deep learning techniques, marking a new era in cybersecurity. The proposed process begins by transforming complex malware source code into grayscale images, effectively bridging the gap between linear code analysis and spatial image recognition. These grayscale images are analyzed using the ViT_b16 model, renowned for its exceptional ability to uncover subtle intricacies within images. The next steps involve leveraging deep learning to scrutinize the features identified by the ViT, facilitating precise detection of malicious code. To enhance the efficiency of the proposed deep learning model, a genetic algorithm is employed for end-to-end hyperparameter optimization for both ViT and deep learning phases. this process aims at calibrating essential parameters such as the Image Size, Number of Attention Heads, Hidden Size (Embedding Dimension), MLP (Feedforward) Dimension, activation function, architectural depth, neuron count, optimizers, initializers, dropout layers, batch normalization, and learning rates of the ViT_b16 and deep learning models. After extensive training on a dataset comprising 25 diverse malware families, the proposed model exhibits remarkable performance, consistently achieving an accuracy rate exceeding 99% in differentiating among these malware variants. A comprehensive evaluation and benchmarking against both state-of-the-art malware detection methodologies and widely used baseline models, including CNNs and traditional machine learning algorithms, demonstrating superior detection performance across all metrics.