A Comparison of Selected Image Transformation Techniques for Malware Classification

• URL: http://arxiv.org/abs/2509.10838v1
• Date: Sat, 13 Sep 2025 15:00:10 GMT
• Title: A Comparison of Selected Image Transformation Techniques for Malware Classification
• Authors: Rishit Agrawal, Kunal Bhatnagar, Andrew Do, Ronnit Rana, Mark Stamp,
• Abstract summary: We study eight distinct malware-to-image conversion techniques.<n>We find that several of these image conversion techniques perform similarly across a range of learning models.<n>Results suggest that the effectiveness of image-based malware classification techniques may depend more on the inherent strengths of image analysis techniques.
• Score: 0.1957338076370071
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Recently, a considerable amount of malware research has focused on the use of powerful image-based machine learning techniques, which generally yield impressive results. However, before image-based techniques can be applied to malware, the samples must be converted to images, and there is no generally-accepted approach for doing so. The malware-to-image conversion strategies found in the literature often appear to be ad hoc, with little or no effort made to take into account properties of executable files. In this paper, we experiment with eight distinct malware-to-image conversion techniques, and for each, we test a variety of learning models. We find that several of these image conversion techniques perform similarly across a range of learning models, in spite of the image conversion processes being quite different. These results suggest that the effectiveness of image-based malware classification techniques may depend more on the inherent strengths of image analysis techniques, as opposed to the precise details of the image conversion strategy.

Related papers

• Transferable Learned Image Compression-Resistant Adversarial Perturbations [66.46470251521947]
  Adversarial attacks can readily disrupt the image classification system, revealing the vulnerability of DNN-based recognition tasks. We introduce a new pipeline that targets image classification models that utilize learned image compressors as pre-processing modules.
  arXiv  Detail & Related papers  (2024-01-06T03:03:28Z)
• High-resolution Image-based Malware Classification using Multiple Instance Learning [0.0]
  This paper proposes a novel method of classifying malware into families using high-resolution greyscale images and multiple instance learning. The implementation is evaluated on the Microsoft Malware Classification dataset and achieves accuracies of up to $96.6%$ on adversarially enlarged samples.
  arXiv  Detail & Related papers  (2023-11-21T18:11:26Z)
• Detecting Generated Images by Real Images Only [64.12501227493765]
  Existing generated image detection methods detect visual artifacts in generated images or learn discriminative features from both real and generated images by massive training. This paper approaches the generated image detection problem from a new perspective: Start from real images. By finding the commonality of real images and mapping them to a dense subspace in feature space, the goal is that generated images, regardless of their generative model, are then projected outside the subspace.
  arXiv  Detail & Related papers  (2023-11-02T03:09:37Z)
• From Malware Samples to Fractal Images: A New Paradigm for Classification. (Version 2.0, Previous version paper name: Have you ever seen malware?) [0.3670422696827526]
  We propose a very unconventional and novel approach to malware visualisation based on dynamic behaviour analysis. The idea is that the images, which are visually very interesting, are then used to classify malware concerning goodware. The results of the presented experiments are based on a database of 6 589 997 goodware, 827 853 potentially unwanted applications and 4 174 203 malware samples.
  arXiv  Detail & Related papers  (2022-12-05T15:15:54Z)
• ObjectFormer for Image Manipulation Detection and Localization [118.89882740099137]
  We propose ObjectFormer to detect and localize image manipulations. We extract high-frequency features of the images and combine them with RGB features as multimodal patch embeddings. We conduct extensive experiments on various datasets and the results verify the effectiveness of the proposed method.
  arXiv  Detail & Related papers  (2022-03-28T12:27:34Z)
• Adaptive Image Transformations for Transfer-based Adversarial Attack [73.74904401540743]
  We propose a novel architecture, called Adaptive Image Transformation Learner (AITL) Our elaborately designed learner adaptively selects the most effective combination of image transformations specific to the input image. Our method significantly improves the attack success rates on both normally trained models and defense models under various settings.
  arXiv  Detail & Related papers  (2021-11-27T08:15:44Z)
• Auxiliary-Classifier GAN for Malware Analysis [4.111899441919165]
  We generate fake malware images using auxiliary classifier GANs (AC-GAN) We consider the effectiveness of various techniques for classifying the resulting images. While the AC-GAN generated images often appear to be very similar to real malware images, we conclude that from a deep learning perspective, the AC-GAN generated samples do not rise to the level of deep fake malware images.
  arXiv  Detail & Related papers  (2021-07-04T13:15:03Z)
• A Hierarchical Transformation-Discriminating Generative Model for Few Shot Anomaly Detection [93.38607559281601]
  We devise a hierarchical generative model that captures the multi-scale patch distribution of each training image. The anomaly score is obtained by aggregating the patch-based votes of the correct transformation across scales and image regions.
  arXiv  Detail & Related papers  (2021-04-29T17:49:48Z)
• FeatMatch: Feature-Based Augmentation for Semi-Supervised Learning [64.32306537419498]
  We propose a novel learned feature-based refinement and augmentation method that produces a varied set of complex transformations. These transformations also use information from both within-class and across-class representations that we extract through clustering. We demonstrate that our method is comparable to current state of art for smaller datasets while being able to scale up to larger datasets.
  arXiv  Detail & Related papers  (2020-07-16T17:55:31Z)
• Learning Transformation-Aware Embeddings for Image Forensics [15.484408315588569]
  Image Provenance Analysis aims at discovering relationships among different manipulated image versions that share content. One of the main sub-problems for provenance analysis that has not yet been addressed directly is the edit ordering of images that share full content or are near-duplicates. This paper introduces a novel deep learning-based approach to provide a plausible ordering to images that have been generated from a single image through transformations.
  arXiv  Detail & Related papers  (2020-01-13T22:01:24Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.