Neural Network Model for Malware Classification Based on BiD-ConvLSTM Encoder

Authors: Junyu Wu; Lilie Chen; Yuan Liu
Conference: ICIC 2024 Posters, Tianjin, China, August 5-8, 2024
Pages: 765-780
Keywords: Malware Detection, Malware Classification, Deep Learning, Neural Networks, BiD-ConvLSTM.

Abstract

The issue of malware poses a significant threat to the security of computer systems and data. Previous research has demonstrated that employing deep learning techniques is an effective solution for addressing this problem. Many scholars have adopted a method wherein they convert the binary code of malware executable files into images, utilizing neural networks for classification purposes. However, neural networks typically require inputs of fixed sizes, while malware sizes vary greatly and are often not uniform. Traditional algorithms that enforce a uniform image size can lead to information loss and redundancy. This paper proposes a malware classification model that employs a Bidirectional Dynamic Convolutional Long Short-Term Memory (BiD-ConvLSTM) encoder. This encoder can encode images generated from the binary code of malware executable files of varying sizes, outputting fixed-size feature images for neural network training. The encoded images are fed into a ResNet-50 for training and achieve up to 98.44% accuracy on the Microsoft Malware Classification Challenge (BIG 2015) dataset on Kaggle.