A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture

Guan Yu Wang; Hung Jui Ko; Wei Jen Wang

doi:10.1007/978-981-97-7786-0_15

A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture

Guan Yu Wang
, Hung Jui Ko
, Wei Jen Wang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

With the frequent occurrence of global security incidents, the detection of malware has become a popular topic in the cyber security area. Deep learning techniques outperform conventional pattern-matching techniques in malware classification tasks. However, deep learning requires more time for model training. Therefore, we adopt transfer learning, where pretrained models are in a new model, which reduces the training time and generalization error. In this study, we propose a convolutional neural network (CNN)–support vector machine (SVM) deep learning method based on the transfer learning architecture for malware classification. VGG16, pretrained on ImageNet via transfer learning, is employed as the CNN model. We remove the fully connected layer from the VGG16 model to treat it as a feature extractor. Next, the Microsoft BIG 2015 dataset (10,868 malware samples of 9 families) is converted into grayscale images and input into the VGG16 model for feature extraction, thereby obtaining a new dataset. Finally, the new dataset is input into the SVM classifier for the classification task.

Original language	English
Title of host publication	Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023
Editors	George A. Tsihrintzis, Shiuh-Jeng WANG, Chih-Hung Wang
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	165-177
Number of pages	13
ISBN (Print)	9789819777853
DOIs	https://doi.org/10.1007/978-981-97-7786-0_15
State	Published - 2025
Event	2nd International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications, SITAIBA 2023 - New Taipei City, Taiwan Duration: 7 Dec 2023 → 9 Dec 2023

Publication series

Name	Smart Innovation, Systems and Technologies
Volume	410 SIST
ISSN (Print)	2190-3018
ISSN (Electronic)	2190-3026

Conference

Conference	2nd International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications, SITAIBA 2023
Country/Territory	Taiwan
City	New Taipei City
Period	7/12/23 → 9/12/23

Keywords

Malware classification
SVM
Transfer learning
VGG16

Access to Document

10.1007/978-981-97-7786-0_15

Cite this

Wang, G. Y., Ko, H. J., & Wang, W. J. (2025). A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture. In G. A. Tsihrintzis, S.-J. WANG, & C.-H. Wang (Eds.), Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023 (pp. 165-177). (Smart Innovation, Systems and Technologies; Vol. 410 SIST). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-97-7786-0_15

Wang, Guan Yu ; Ko, Hung Jui ; Wang, Wei Jen. / A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture. Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023. editor / George A. Tsihrintzis ; Shiuh-Jeng WANG ; Chih-Hung Wang. Springer Science and Business Media Deutschland GmbH, 2025. pp. 165-177 (Smart Innovation, Systems and Technologies).

@inproceedings{110b2d24ad3e4e17abf579ad3ca641fb,

title = "A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture",

abstract = "With the frequent occurrence of global security incidents, the detection of malware has become a popular topic in the cyber security area. Deep learning techniques outperform conventional pattern-matching techniques in malware classification tasks. However, deep learning requires more time for model training. Therefore, we adopt transfer learning, where pretrained models are in a new model, which reduces the training time and generalization error. In this study, we propose a convolutional neural network (CNN)–support vector machine (SVM) deep learning method based on the transfer learning architecture for malware classification. VGG16, pretrained on ImageNet via transfer learning, is employed as the CNN model. We remove the fully connected layer from the VGG16 model to treat it as a feature extractor. Next, the Microsoft BIG 2015 dataset (10,868 malware samples of 9 families) is converted into grayscale images and input into the VGG16 model for feature extraction, thereby obtaining a new dataset. Finally, the new dataset is input into the SVM classifier for the classification task.",

keywords = "Malware classification, SVM, Transfer learning, VGG16",

author = "Wang, \{Guan Yu\} and Ko, \{Hung Jui\} and Wang, \{Wei Jen\}",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.; 2nd International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications, SITAIBA 2023 ; Conference date: 07-12-2023 Through 09-12-2023",

year = "2025",

doi = "10.1007/978-981-97-7786-0\_15",

language = "???core.languages.en\_GB???",

isbn = "9789819777853",

series = "Smart Innovation, Systems and Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "165--177",

editor = "Tsihrintzis, \{George A.\} and Shiuh-Jeng WANG and Chih-Hung Wang",

booktitle = "Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023",

}

Wang, GY, Ko, HJ & Wang, WJ 2025, A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture. in GA Tsihrintzis, S-J WANG & C-H Wang (eds), Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023. Smart Innovation, Systems and Technologies, vol. 410 SIST, Springer Science and Business Media Deutschland GmbH, pp. 165-177, 2nd International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications, SITAIBA 2023, New Taipei City, Taiwan, 7/12/23. https://doi.org/10.1007/978-981-97-7786-0_15

A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture. / Wang, Guan Yu; Ko, Hung Jui; Wang, Wei Jen.
Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023. ed. / George A. Tsihrintzis; Shiuh-Jeng WANG; Chih-Hung Wang. Springer Science and Business Media Deutschland GmbH, 2025. p. 165-177 (Smart Innovation, Systems and Technologies; Vol. 410 SIST).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture

AU - Wang, Guan Yu

AU - Ko, Hung Jui

AU - Wang, Wei Jen

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2025.

PY - 2025

Y1 - 2025

N2 - With the frequent occurrence of global security incidents, the detection of malware has become a popular topic in the cyber security area. Deep learning techniques outperform conventional pattern-matching techniques in malware classification tasks. However, deep learning requires more time for model training. Therefore, we adopt transfer learning, where pretrained models are in a new model, which reduces the training time and generalization error. In this study, we propose a convolutional neural network (CNN)–support vector machine (SVM) deep learning method based on the transfer learning architecture for malware classification. VGG16, pretrained on ImageNet via transfer learning, is employed as the CNN model. We remove the fully connected layer from the VGG16 model to treat it as a feature extractor. Next, the Microsoft BIG 2015 dataset (10,868 malware samples of 9 families) is converted into grayscale images and input into the VGG16 model for feature extraction, thereby obtaining a new dataset. Finally, the new dataset is input into the SVM classifier for the classification task.

AB - With the frequent occurrence of global security incidents, the detection of malware has become a popular topic in the cyber security area. Deep learning techniques outperform conventional pattern-matching techniques in malware classification tasks. However, deep learning requires more time for model training. Therefore, we adopt transfer learning, where pretrained models are in a new model, which reduces the training time and generalization error. In this study, we propose a convolutional neural network (CNN)–support vector machine (SVM) deep learning method based on the transfer learning architecture for malware classification. VGG16, pretrained on ImageNet via transfer learning, is employed as the CNN model. We remove the fully connected layer from the VGG16 model to treat it as a feature extractor. Next, the Microsoft BIG 2015 dataset (10,868 malware samples of 9 families) is converted into grayscale images and input into the VGG16 model for feature extraction, thereby obtaining a new dataset. Finally, the new dataset is input into the SVM classifier for the classification task.

KW - Malware classification

KW - SVM

KW - Transfer learning

KW - VGG16

UR - https://www.scopus.com/pages/publications/105003243694

U2 - 10.1007/978-981-97-7786-0_15

DO - 10.1007/978-981-97-7786-0_15

M3 - 會議論文篇章

AN - SCOPUS:105003243694

SN - 9789819777853

T3 - Smart Innovation, Systems and Technologies

SP - 165

EP - 177

BT - Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023

A2 - Tsihrintzis, George A.

A2 - WANG, Shiuh-Jeng

A2 - Wang, Chih-Hung

PB - Springer Science and Business Media Deutschland GmbH

T2 - 2nd International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications, SITAIBA 2023

Y2 - 7 December 2023 through 9 December 2023

ER -

Wang GY, Ko HJ, Wang WJ. A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture. In Tsihrintzis GA, WANG SJ, Wang CH, editors, Security and Information Technologies with AI, Internet Computing and Big-data Applications - Proceedings of SITAIBA 2023. Springer Science and Business Media Deutschland GmbH. 2025. p. 165-177. (Smart Innovation, Systems and Technologies). doi: 10.1007/978-981-97-7786-0_15

A Novel Malware Classification Using CNN-SVM Deep Learning Method Based on Transfer Learning Architecture

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this