Robust AI‐SCORE Framework: Independent and Adversarial Validation for Malware Detection.
| Title: | Robust AI‐SCORE Framework: Independent and Adversarial Validation for Malware Detection. |
|---|---|
| Authors: | Zuberi, Hafiz Talha Arif (AUTHOR), Ali, Usman (AUTHOR), Ahmed, Usama (AUTHOR), Tariq, Muhammad Usman (AUTHOR), Shahzad, Tariq (AUTHOR), Khan, Muhammad Adnan (AUTHOR) adnan@gachon.ac.kr, Gandomi, Amir H. (AUTHOR) gandomi@uts.edu.au, Rabelo, Luis (AUTHOR) luis.rabelo@ucf.edu |
| Source: | Journal of Engineering (2314-4912). 4/24/2026, Vol. 2026, p1-18. 18p. |
| Subjects: | Malware, Adversarial machine learning, Deep learning, Software frameworks, Feature extraction, Statistical reliability, Internet security, Machine learning |
| Abstract: | Traditional malware detection methods such as signature‐based approaches and statistical analysis are becoming less effective in detecting the new breed of malware, which is holding high levels of complexity in terms of the number of code versions, compilation patterns, time to live (TTL), and jumping through evasion techniques. This study proposes a robust feature extraction methodology based on a technique of identifying malware inside network SPACE integrating self‐consistent robust error (SCORE) framework with machine learning (ML) and deep learning (DL) models for automated malware detection and threat classification. Preprocessing of the dataset was done using advanced labeling techniques alongside the synthetic minority oversampling technique (SMOTE) to handle data imbalance. Model robustness and generalization were assessed using k‐fold and leave‐one‐out cross‐validation. The study evaluates multiple ML and DL models, including k‐nearest neighbors (KNN), random forest (RF), multilayer perceptron (MLP), adaptive boosting (ADA), eXtreme Gradient Boosting (XGB), support vector machines (SVMs), and a custom convolutional neural network (CNN) integrated with the SCORE framework. Feature extraction focused on analyzing Office macros and portable executable (PE) structural attributes using tools like Oletools and pefile, followed by feature selection and correlation analysis to improve detection accuracy (ACC) and reduce computational costs. Experimental results show that the proposed framework achieves highly competitive performance, effectively detecting obfuscated and adversarially modified malware. The SCORE framework increases the robustness of our method under the guarantee of the consistent feature of the proposed solution, even in adversarial attack conditions. Validation results on the model are generalized to unseen malware samples, which conform to the independent validation results. This proves that artificial intelligence (AI)‐driven cybersecurity (CS) solutions can help in combating modern malware threats. Because family‐disjoint splitting was not enforced, the reported results should be interpreted as within‐distribution performance rather than strict unseen‐family generalization. These results demonstrate robustness to the tested tool‐based black‐box perturbations, rather than to a fully adaptive adversarial threat model. [ABSTRACT FROM AUTHOR] |
| Copyright of Journal of Engineering (2314-4912) is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |