Image-based malware classification hybrid framework based on space-filling curves

There exists a never-ending “arms race” between malware analysts and adversarial malicious code developers as malevolent programs evolve countermeasures are developed to detect eradicate them. Malware has become more complex in its intent capabilities over time, which prompted the need for constant improvement detection defence methods. Of particular concern anti-analysis obfuscation techniques, such packing encryption, that employed by evade thwart analysis process. In cases, is generally impervious basic methods so must use invasive techniques extract signatures classification, inevitably not scalable due their complexity. this article, we present hybrid framework classification designed overcome challenges incurred current approaches. The incorporates novel static dynamic methods, where executables process memory dumps converted images mapped through space-filling curves, from visual features extracted classification. less than traditional there no reverse engineering required, nor does it suffer limitations of analysis. On dataset 13,599 obfuscated non-obfuscated samples 23 families, outperformed both standalone with precision, recall accuracy scores 97.6%, 97.6% respectively.