Submit

Login Login

Register Register

Home / Journals / CMC / Online First / doi:10.32604/cmc.2026.077928
Journal Menu
Special Issues
Table of Content

All issues

Online First

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Open Access

ARTICLE

WAFDect: A Malware Detection Model Based on Multi-Source Feature Fusion

Xian Wu, Liang Wan*, Jingxia Ren, Bangfeng Zhang
College of Computer Science and Technology, Guizhou University, Guiyang, China
* Corresponding Author: Liang Wan. Email: email
(This article belongs to the Special Issue: Advances in Intrusion Detection and Prevention Systems)

Computers, Materials & Continua https://doi.org/10.32604/cmc.2026.077928

Received 19 December 2025; Accepted 06 March 2026; Published online 08 April 2026

Abstract

Traditional malware detection models rely on a single feature source for detection, resulting in high false positive or false negative rates due to incomplete information. In addition, conventional models depend on manual feature engineering, which is inefficient and hard to adapt to new malware variants. To address these challenges, this paper proposes a malware detection model called WAFDect based on a self-attention mechanism with multi-source feature fusion. The model consists of two key designs. First, we construct a multi-source feature extraction model that analyzes multi-source data such as API call sequences, registry operation logs, file operation logs, and network behavior logs, capturing malware characteristics at multiple abstraction levels and building a global representation of maliciousness, thereby overcoming the problem of single feature sources in traditional models. Second, to address the heterogeneity of multi-source features in terms of dimension, scale, and semantics, we design a feature alignment module based on attention weights. This module can dynamically learn the association strength between different feature modalities and achieve semantic alignment and adaptive fusion of cross-modal features through a weighting allocation mechanism, effectively reducing the reliance on manual feature engineering in traditional methods. The experimental results indicate that WAFDect achieved excellent detection performance on the Speakeasy (trainset) and Avast-CTU_Small datasets, with accuracies of 0.9229 and 0.9878, respectively. Compared with traditional detection models, this method shows significant improvements in key metrics such as accuracy and F1 score, thereby validating its effectiveness.

Keywords

Malware detection; multi-source feature fusion; dynamic analysis; self-attention mechanism

  • 31

    View

  • 4

    Download

  • 0

    Like

Related articles
Copyright© 2026 Tech Science Press
© 1997-2026 TSP (Henderson, USA) unless otherwise stated

Share Link