AntiMal: an Approach of Malware Detection Employing Swin Transformer

In the present era, the menace of malicious software is growing continuously, posing a significant challenge in the realm of cybersecurity. Currently, traditional machine learning algorithms have been widely applied to the analysis of malicious software and are considered effective methods. However, these approaches often require extensive feature engineering, feature learning, and feature representation, which can be time-consuming and resource-intensive. In this paper, a method for the identification of malicious software, named "AntiMal," is proposed. This method utilizes the Swin Transformer as the backbone network and combines it with image features for static analysis. It leverages the dataset provided by Microsoft for the Kaggle Microsoft Malware Classification Challenge. Initially, it converts the binary data of malicious code into grayscale images, treating every 8 bits as a pixel. Subsequently, it employs PyTorch to build and train the Swin Transformer, classifying the images in the validation set. The results demonstrate that this approach excels in the problem of malicious software classification, achieving an impressive accuracy of up to 95%, showcasing remarkable precision and generalization capabilities. Furthermore, it exhibits significant advantages when dealing with large datasets, requiring fewer computational resources, thus offering exceptional computational efficiency.