Journal of Cyber Security and Risk Auditing


ISSN: 3079-5354 (Online)

Publishing model: Open access

Article

Geometry-Aware Multi-view Malware Detection Using Gromov–Wasserstein Fusion

by Vijay Kalmani; Vedant Jadhav; Amer Alqutaish; Ghada Alradwan


Published: 2026

Abstract

Intrusion Detection Systems (IDS) are increasingly challenged by the continuous evolution of modern malware, which is obfuscated, uses multiple methods to bypass detection, and can deceive detection that relies solely on signatures. Single-view or static detection models are often ineffective because they cannot capture the varied behavioral and memory-level patterns that appear at runtime. This motivates the development of multi-view, geometry-aware fusion schemes. In this study, we present GSTF, a leakage-free IDS pipeline that merges network-flow telemetry and memory-forensics artifacts. The pipeline uses Gromov–Wasserstein registration to harmonize the different feature spaces, followed by ridge-regression propagation and discriminative augmentation, which maintain the class-conditional structure. Together with a class-weighted Random Forest classifier, a PCA–NCA embedding promotes separability, while a calibrated decision rule ensures maximum recall under the precision constraint. On the large-scale, dual-view BCCC-Mal-NetMem-2025 dataset, the proposed GSTF framework attained an accuracy of 99.84%, precision of 99.84%, and recall of 100%. These findings illustrate that geometry-consistent multi-view fusion significantly enhances the robustness of IDS against very high-dimensional and real-world malware threats.
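
The abstract's decision rule (maximum recall under a precision constraint) can be illustrated with the following added example, which is not the authors' code. It assumes the threshold is chosen on a held-out calibration split; the function names, the sample scores and the 0.85 precision floor are constructed for illustration.

```python
# Constructed calibration split: classifier scores P(malicious) and true labels.
CAL_SCORES = [0.98, 0.95, 0.91, 0.88, 0.80, 0.80, 0.62, 0.55, 0.40, 0.31, 0.20, 0.05]
CAL_LABELS = [1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0]


def pick_threshold(scores, labels, min_precision):
    """Return (threshold, precision, recall) maximising recall subject to
    precision >= min_precision, or None when no threshold meets the floor."""
    total_pos = sum(labels)
    if total_pos == 0:
        raise ValueError("calibration split has no malicious samples")
    ranked = sorted(zip(scores, labels), key=lambda pair: -pair[0])
    best, tp, fp, i = None, 0, 0, 0
    while i < len(ranked):
        t = ranked[i][0]
        # Samples tied at one score cross the threshold together.
        while i < len(ranked) and ranked[i][0] == t:
            tp += ranked[i][1]
            fp += 1 - ranked[i][1]
            i += 1
        precision, recall = tp / (tp + fp), tp / total_pos
        # Precision is not monotonic in the threshold, so every candidate is
        # checked rather than stopping at the first violation of the floor.
        if precision >= min_precision and (best is None or recall > best[2]):
            best = (t, precision, recall)
    return best


def evaluate(scores, labels, threshold):
    """Precision and recall of the rule `score >= threshold` on another split."""
    tp = sum(1 for s, y in zip(scores, labels) if s >= threshold and y == 1)
    fp = sum(1 for s, y in zip(scores, labels) if s >= threshold and y == 0)
    pos = sum(labels)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / pos if pos else 0.0
    return precision, recall


if __name__ == "__main__":
    # The threshold is fixed on the calibration split and then applied
    # unchanged to test data, so the test labels never influence it.
    print(pick_threshold(CAL_SCORES, CAL_LABELS, 0.85))
```

On the constructed data the precision floor is violated at 0.80 but met again at 0.62, which is why the sweep continues past the first failing threshold.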

Keywords

Multi-view malware detection; Gromov–Wasserstein alignment; Memory-forensics Analysis; Intrusion Detection System (IDS); Optimal Transport Learning

How to Cite the Article

Alessa, A., Alduwayl, Y., & Rahman, M. M. H. (2026). Machine Learning Approaches to Mitigate Insider Threats in Electronic Health Records Systems. Journal of Cyber Security and Risk Auditing, 2026(1), 1–19. https://doi.org/10.63180/jcsra.thestap.2026.1.2
