TRConv: Multi-platform malware classification via target regulated convolutions

Creative Commons License


IEEE Access, vol.12, pp.71492-71504, 2024 (SCI-Expanded) identifier

  • Publication Type: Article / Article
  • Volume: 12
  • Publication Date: 2024
  • Doi Number: 10.1109/access.2024.3401627
  • Journal Name: IEEE Access
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Compendex, INSPEC, Directory of Open Access Journals
  • Page Numbers: pp.71492-71504
  • Keywords: Convolutional network, malware and benign, malware behaviour analysis, opcode length
  • Yıldız Technical University Affiliated: Yes


Malware is an important threat to digital workflow. Traditional malware modeling approaches focused on using hand-crafted features while recent approaches proved the necessity of using learning based methodologies. In this paper, we propose a novel opcode based methodology that additionally learns multiple behavioral target variables to effectively regulate and guide the static malware classification. Our methodology shows that introduction of previously extracted malware behavior-related target variables immediately improve binary malware classification performance in both Android and Windows platforms. The contributions of our methodology has been extensively validated on ArgusAMD and MOTIF dataset. Mean classification accuracy and F1 scores suggest that our model is robust against random opcode injection attacks compared to other convolution based architectures.