Jove
Visualize
Contact Us

Related Concept Videos

You might also read

Related Articles

Articles linked to this work by shared authors, journal, and citation graph.

Sort by
Same author

Obfuscated Malware Detection and Classification in Network Traffic Leveraging Hybrid Large Language Models and Synthetic Data.

Sensors (Basel, Switzerland)·2025
Same author

Enhanced Network Intrusion Detection System for Internet of Things Security Using Multimodal Big Data Representation with Transfer Learning and Game Theory.

Sensors (Basel, Switzerland)·2024
Same author

Intelligent decision making for energy efficient fog nodes selection and smart switching in the IOT: a machine learning approach.

PeerJ. Computer science·2024
Same author

A Novel Framework for Melanoma Lesion Segmentation Using Multiparallel Depthwise Separable and Dilated Convolutions with Swish Activations.

Journal of healthcare engineering·2023
Same author

Explainable Malware Detection System Using Transformers-Based Transfer Learning and Multi-Model Visual Representation.

Sensors (Basel, Switzerland)·2022
Same author

Cyber-Threat Detection System Using a Hybrid Approach of Transfer Learning and Multi-Model Image Representation.

Sensors (Basel, Switzerland)·2022
JoVE
x logofacebook logolinkedin logoyoutube logo
ABOUT JoVE
OverviewLeadershipBlogJoVE Help Center
AUTHORS
Publishing ProcessEditorial BoardScope & PoliciesPeer ReviewFAQSubmit
LIBRARIANS
TestimonialsSubscriptionsAccessResourcesLibrary Advisory BoardFAQ
RESEARCH
JoVE JournalMethods CollectionsJoVE Encyclopedia of ExperimentsArchive
EDUCATION
JoVE CoreJoVE BusinessJoVE Science EducationJoVE Lab ManualFaculty Resource CenterFaculty Site
Terms & Conditions of Use
Privacy Policy
Policies

Related Experiment Video

Updated: Sep 3, 2025

DNA Virus Detection System Based on RPA-CRISPR/Cas12a-SPM and Deep Learning
04:17

DNA Virus Detection System Based on RPA-CRISPR/Cas12a-SPM and Deep Learning

Published on: May 10, 2024

863

Explainable Artificial Intelligence-Based IoT Device Malware Detection Mechanism Using Image Visualization and

Hamad Naeem1, Bandar M Alshammari2, Farhan Ullah3

  • 1School of Computer Science and Technology, Zhoukou Normal University, Zhoukou 466001, Henan, China.

Computational Intelligence and Neuroscience
|July 25, 2022
PubMed
Summary

This study introduces a new way to detect malicious software on Internet of Things devices by converting files into images and using advanced computer vision models. By fine-tuning a pre-trained model, the researchers achieved high accuracy in identifying threats while using visualization tools to explain how the system makes its decisions.

Keywords:
Deep LearningInception-v3Network SecurityTransfer Learning

Frequently Asked Questions

More Related Videos

Author Spotlight: AI-Driven Trypanosome Species Detection from Microscopic Images
08:20

Author Spotlight: AI-Driven Trypanosome Species Detection from Microscopic Images

Published on: October 27, 2023

1.6K
Automation of the Micronucleus Assay Using Imaging Flow Cytometry and Artificial Intelligence
09:11

Automation of the Micronucleus Assay Using Imaging Flow Cytometry and Artificial Intelligence

Published on: January 27, 2023

2.2K

Related Experiment Videos

Last Updated: Sep 3, 2025

DNA Virus Detection System Based on RPA-CRISPR/Cas12a-SPM and Deep Learning
04:17

DNA Virus Detection System Based on RPA-CRISPR/Cas12a-SPM and Deep Learning

Published on: May 10, 2024

863
Author Spotlight: AI-Driven Trypanosome Species Detection from Microscopic Images
08:20

Author Spotlight: AI-Driven Trypanosome Species Detection from Microscopic Images

Published on: October 27, 2023

1.6K
Automation of the Micronucleus Assay Using Imaging Flow Cytometry and Artificial Intelligence
09:11

Automation of the Micronucleus Assay Using Imaging Flow Cytometry and Artificial Intelligence

Published on: January 27, 2023

2.2K

Area of Science:

  • Network security within Explainable Artificial Intelligence research
  • Cybersecurity engineering and IoT device protection

Background:

No prior work had fully resolved the limitations of signature-based security for modern, complex threats. Traditional manual analysis remains too slow for the current volume of malicious software. Malware authors frequently employ obfuscation techniques to evade standard detection protocols. This gap motivated the adoption of deep learning architectures to improve threat identification. Prior research has shown that deep learning models can learn patterns from data automatically. However, applying these models to Internet of Things devices presents unique challenges due to limited hardware resources. That uncertainty drove the need for more efficient, automated classification strategies. Existing methods often struggle to maintain high performance against polymorphic code variations.

Purpose Of The Study:

The study aims to develop a robust mechanism for identifying malicious software on Internet of Things devices using advanced deep learning. Researchers seek to overcome the limitations of traditional signature-based detection methods that fail against polymorphic threats. Manual analysis of malware files is currently too resource-intensive for modern network security requirements. This project addresses the need for automated, efficient, and interpretable classification strategies. By leveraging image visualization, the authors intend to simplify the detection of complex android Dalvik Executable files. The motivation stems from the rising complexity and frequency of cyber threats targeting connected hardware. The team explores whether transfer learning can enhance the performance of convolutional neural networks in this domain. Finally, the research focuses on providing explainability to ensure that security professionals can trust automated classification outcomes.

Main Methods:

Review approach involves comparing three state-of-the-art convolutional neural network architectures for threat classification. The researchers transform android Dalvik Executable files into color images to facilitate visual pattern recognition. A transfer learning strategy is applied to the Inception-v3 model to optimize feature extraction. The team integrates a global max-pooling layer to refine the output from the convolutional base. A SoftMax classifier serves as the final decision-making component for categorization. To ensure interpretability, the study employs Gradient-weighted Class Activation Mapping for visual localization of features. The t-distributed stochastic neighbor embedding technique is utilized to visualize the high-dimensional data clusters. Performance is evaluated against several baseline machine learning classifiers, including Support Vector Machines and ensemble methods.

Main Results:

Key findings from the literature indicate that the proposed Inception-v3 model achieves 98.5% accuracy in binary classification tasks. For multiclass prediction, the system reaches an accuracy level of 91%. These results demonstrate superior performance compared to traditional machine learning approaches. The study highlights that the fine-tuned transfer learning strategy effectively handles complex obfuscated code. Visualization results confirm that the model successfully focuses on relevant malicious patterns within the image data. The ensemble classifiers, including K-Nearest Neighbors and Decision Trees, show lower predictive capabilities than the deep learning framework. The integration of explainable tools provides clear insights into the model's classification logic. Overall, the method proves more robust than standard signature-based detection systems against modern threats.

Conclusions:

The authors propose a fine-tuned Inception-v3 model for identifying malicious software on Internet of Things hardware. Synthesis and implications suggest that converting files into color images enhances feature extraction capabilities. The researchers demonstrate that their approach outperforms traditional machine learning classifiers in both binary and multiclass scenarios. Gradient-weighted class activation mapping provides necessary transparency for understanding model decision-making processes. The study indicates that combining transfer learning with visualization techniques improves overall detection reliability. Authors claim that their system effectively handles the complexities of android Dalvik Executable files. The findings highlight the potential for deep learning to replace resource-heavy manual inspection workflows. This work confirms that explainable frameworks are vital for building trust in automated security systems.

The researchers propose a fine-tuned Inception-v3 model. This architecture extracts features from color-coded representations of android Dalvik Executable files, followed by a global max-pooling layer and a SoftMax classifier to categorize the threats.

The authors utilize Gradient-weighted Class Activation Mapping alongside t-distributed stochastic neighbor embedding. These visualization tools allow developers to interpret the internal decision-making processes of the deep learning model, providing clarity on which image regions trigger a positive detection.

A global max-pooling layer is necessary to condense the high-dimensional feature maps extracted by the Inception-v3 architecture. This step ensures that the most relevant information is passed to the final classifier for accurate threat prediction.

The study uses android Dalvik Executable files converted into color images. This data transformation allows the convolutional neural network to treat malware detection as an image classification task, leveraging spatial patterns that traditional text-based analysis might overlook.

The proposed method achieved 98.5% accuracy for binary prediction and 91% for multiclass prediction. These results surpass the performance of traditional classifiers like Support Vector Machines and K-Nearest Neighbors in various evaluation metrics.

The researchers propose that their explainable framework enhances security by making automated detection systems more transparent. They suggest that this approach helps security professionals understand why specific files are flagged as malicious, thereby improving trust in automated network defense.