
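% HMF-Net: IIoT malware detection paper, Computers, Materials and Continua 87(3), 2026.
% The publisher export carried an empty page range, so no pages field is recorded
% here; add the page range or article number once it is assigned.
@article{cmc.2026.077084,
  author   = {Faten S. Alamri and Muhammad Amjad Raza and Abeer Rashad Mirdad and Adil Ali Saleem and Tanzila Saba},
  title    = {{HMF-Net}: Hierarchical Multi-Feature Network for {IIoT} Malware Detection},
  journal  = {Computers, Materials \& Continua},
  volume   = {87},
  number   = {3},
  year     = {2026},
  issn     = {1546-2226},
  doi      = {10.32604/cmc.2026.077084},
  url      = {http://www.techscience.com/cmc/v87n3/66948},
  abstract = {Rapid expansion of Industrial Internet of Things (IIoT) systems has heightened the vulnerability of critical infrastructure to sophisticated malware attacks. Traditional signature-based detection methods are ineffective against evolving threats, and many machine learning models fail to capture temporal behavior, offer interpretability, or operate efficiently in resource-constrained environments. This study proposes HMF-Net, a Hierarchical Multi-Feature Network, for accurate, interpretable, and efficient IIoT malware detection. HMF-Net combines hierarchical VT-Tag embedding (HVTE) to model semantic behavioral information, temporal detection ratio analysis (TDRA) to capture confidence variations for polymorphic malware, and static structural binary features. These features are fused using an adaptive attention mechanism that dynamically prioritizes the most informative modalities during classification. The framework is evaluated on an IIoT malware dataset with 2515 samples from six malware families using five-fold cross-validation. Results show HMF-Net achieves 92.47\% accuracy, outperforming Gradient Boosting (90.57\%), Random Forest (88.52\%), DeepMLP (87.26\%), and SimpleMLP (84.34\%) with $p < 0.05$. Ablation studies reveal HVTE as the most influential component, while TDRA and adaptive fusion further enhance performance. Attention-weight analysis highlights feature importance, especially for polymorphic behavior. The compact HMF-Net architecture (4.2 MB, 2.1 M parameters) with a 3.5 ms inference time supports real-time deployment in edge environments, balancing precision and recall for security applications.},
}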



