Logo image
Back
IMTD: intelligent malware threat detection using transfer learning methods in IoT environment
Journal article   Peer reviewed

IMTD: intelligent malware threat detection using transfer learning methods in IoT environment

Rakesh Sehgal, Rakesh Matam and Ezhil Kalaimannan
Journal of cyber security, Vol.online ahead of print, pp.1-31
11/18/2025
DOI: https://doi.org/10.1080/23742917.2025.2572152

Metrics

1 Record Views

Abstract

Malware detection and classification are vital to protecting digitally assets, especially in the expanding Internet of Things (IoT) ecosystem, where diverse platforms and architectures challenge the design of robust defense solutions. This paper introduces IMTD-DCNN: Intelligent Malware Threat Detection using a deep convolutional neural network. It combines transfer learning, SMOTE-based augmentation, and image visualization to provide accurate, efficient classification of malware. Binary executables are transformed into images, normalized, and passed through pre-trained CNNs as feature extractors, with dense-softmax layers for classification. IMTD-DCNN effectiveness is tested on three datasets: Malimg benchmark, the more balanced MaleVis dataset, and a real-world malware corpus collected from honeypots and labeled via VirusTotal and AVClass. Experiments show that IMTD-DCNN achieves 98.4% accuracy on Malimg, 97.9% on MaleVis, and 91.6% on modern malware, demonstrating strong generalization across both benchmark and real-world settings. Ablation studies confirm the complementary role of SMOTE augmentation and the custom dense layer, while 5-fold cross-validation establishes the stability of the results. Comparisons with state-of-the-art CNN and Transformer models show that IMTD-DCNN achieves competitive accuracy with much lower computational cost, making it ideal for IoT devices. It offers a scalable, lightweight solution for detecting polymorphic and obfuscated malware.

Details

Logo image