A Hybrid Shallow CNN-LSTM Model for Enhanced Malware Classification

Abstract

The cybersecurity field faces significant challenges in detecting and classifying malware due to the continuous propagation of more complex and varied malware. Imbalanced datasets where benign samples outweigh malware samples, which create significant problems within this domain resulting in biased model performance. This study developed a hybrid shallow CNN with LSTM integration to overcome the problem of malware classification. This method combines CNN’s spatial feature extraction capabilities with LSTM’s sequential pattern recognition to analyze malware’s static and dynamic properties effectively. The methodology involved evaluating the model on a dataset with significant class imbalances through the adoption of SMOTE. The model evaluation relied on several key performance metrics, including accuracy, precision, recall, and the F1-score. The study also compared the developed model with existing models to demonstrate its superior performance The hybrid CNN-LSTM model proved effective by obtaining 99.44% accuracy for balanced datasets while sustaining 99.22% accuracy for imbalanced datasets. The results confirm that reducing class imbalance improves the accuracy of machine learning models for malware classification. The model demonstrated better performance than earlier research works, as shown through its higher accuracy rate. This research develops malware detection techniques and delivers a reliable solution for real-world cybersecurity applications.