A Hybrid Approach For Malware Classification Using Secondary Features Fusion

2026-06-02 · Source: Artificial Intelligence · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Expert, quick

Summary

A novel hybrid approach is proposed for automated malware detection and family classification, directly addressing the rapid increase in malware variants and the limitations of traditional detection methods. This method integrates feature fusion, extracting relevant malware characteristics such as API calls and fixed/variable length n-grams, combined with a customized feature selection technique. For the predictive model, a voting-based algorithm fusion strategy is employed, combining multiple algorithms for enhanced prediction. Evaluated using both binary and multi-class classification on a Microsoft dataset, the approach demonstrates high effectiveness and efficiency. Experimental results indicate an AUC of 0.989, an accuracy of 99.72%, and a log loss of 0.01, outperforming existing methods in classifying detected threats into their respective families.

Key takeaway

For AI Security Engineers or Malware Analysts tasked with improving automated threat intelligence, this hybrid classification approach offers a robust solution. You should consider integrating similar feature fusion techniques, specifically leveraging API calls and n-grams, alongside a voting-based algorithm ensemble to enhance the accuracy and family-level granularity of your malware detection systems. This can significantly improve mitigation strategies by enabling more precise threat categorization.

Key insights

A hybrid method combines feature and algorithm fusion for automated, accurate malware family classification.

Method

The proposed method involves extracting API calls and n-grams, applying customized feature selection, performing feature fusion, and then using a voting-based algorithm fusion for classification.

Topics

• Malware Classification
• Feature Fusion
• API Calls
• N-grams
• Machine Learning
• Voting Classifier

Best for: Research Scientist, AI Scientist, Machine Learning Engineer, AI Security Engineer

Related on AIssential

• Promoting Simple Agents: Ensemble Methods for Event-Log Prediction — N-gram models offer competitive accuracy for event-log prediction with significantly fewer resources than neural networks.
• Multi-population Diversity-guided Genetic Algorithm for Feature Selection in Network Intrusion Detection — MPDGGA improves NIDS feature selection by combining multi-population evolution with diversity-guided operators for better accuracy and feature compactness.
• Large Byte Model: Teaching Language Models About Compiled Code — Byte-native LLMs with domain-specific training can accurately analyze raw executable code, outperforming generic models for malware classification.
• Mitigating Data Scarcity in Psychological Defense Classification with Context-Aware Synthetic Augmentation — Context-aware synthetic data augmentation with theory-driven prompts significantly improves psychological defense mechanism classification in low-resource settings.
• Cyber-Physical Anomaly Detection in IoT-Enabled Smart Grids Using Machine Learning and Metaheuristic Feature Optimization — Optimized feature selection significantly enhances cyber-physical anomaly detection in smart grids, reducing data redundancy while improving accuracy.
• CLASP: Defending Hybrid Large Language Models Against Hidden State Poisoning Attacks — CLASP defends Mamba-based LLMs from hidden state poisoning by classifying malicious tokens via block output embeddings.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Artificial Intelligence.