COMBATTING BANKING MALWARE THREATS: EVALUATING THE EFFICACY OF HYBRID AND SINGLE-CLASSIFICATION ALGORITHMS

  • Suleiman Dauda, Kaduna State University, Kaduna
  • Muhammad Aminu Ahmad, Kaduna State University, Kaduna
  • Ahmad Abubakar Aliyu, Kaduna State University, Kaduna
  • Mohammed Ibrahim, Kaduna State University, Kaduna
  • Sa'adatu Abdulkadir, Kaduna State University, Kaduna
  • Abubakar Mu'azu Ahmed, Kaduna State University, Kaduna
  • A. S. Mukhtar, Kaduna State University, Kaduna
  • S. Bello
Keywords: Accuracy, Banking malware, Cybersecurity, Classification algorithms, Hybrid models, Single classifiers

Abstract

The increasing sophistication and prevalence of banking malware pose significant challenges to cybersecurity, threatening the confidentiality, integrity, and availability of financial systems and user data. This study evaluates the efficacy of hybrid and single-classification algorithms in detecting banking malware, addressing a critical gap in existing research. A total of eight classification algorithms were analyzed: three hybrid models (Stacked Ensemble with Gradient Boosting, AdaBoost, and Stacking with Decision Trees and Random Forest) and five single classifiers (Support Vector Machine (SVM), Decision Tree, k-NN, Random Forest, and Logistic Regression). The research methodology incorporated principal component analysis (PCA) for feature selection and techniques like ADASYN and Tomek links to address data imbalance. Classification performance was evaluated using key metrics: accuracy, precision, recall, and F1-score. Results demonstrated that hybrid models, particularly an ensemble combining Random Forest and Decision Tree, outperformed other classifiers, achieving superior accuracy (0.98), precision, and recall. While Gradient Boosting and AdaBoost also exhibited robust performance, Logistic Regression showed room for improvement in precision and recall metrics. This research highlights the effectiveness of hybrid classification models in enhancing the detection of banking malware and underscores their potential for strengthening cybersecurity defenses in financial systems. The study contributes to the growing literature on machine learning applications in malware detection and provides insights into the strengths and limitations of diverse classification algorithms.
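
As an added illustration (not code from the paper, whose abstract does not give the authors' implementation), the pure-Python sketch below shows what Tomek-link cleaning does to an imbalanced sample and why precision, recall and F1 are reported alongside accuracy. The function names, the choice to drop only the majority-class member of each link, and all data are constructed assumptions.

```python
import math

def tomek_links(X, y):
    """Pairs (i, j), i < j, that are mutual nearest neighbours with different labels."""
    def nearest(i):
        return min((j for j in range(len(X)) if j != i),
                   key=lambda j: math.dist(X[i], X[j]))
    nn = [nearest(i) for i in range(len(X))]
    return sorted({(min(i, j), max(i, j)) for i, j in enumerate(nn)
                   if nn[j] == i and y[i] != y[j]})

def drop_majority(X, y, links, majority=0):
    """Undersample: remove the majority-class member of every Tomek link."""
    drop = {k for pair in links for k in pair if y[k] == majority}
    keep = [k for k in range(len(X)) if k not in drop]
    return [X[k] for k in keep], [y[k] for k in keep]

def scores(y_true, y_pred, positive=1):
    """Accuracy, precision, recall and F1 for the positive (malware) class."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == positive and p == positive for t, p in pairs)
    fp = sum(t != positive and p == positive for t, p in pairs)
    fn = sum(t == positive and p != positive for t, p in pairs)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    accuracy = sum(t == p for t, p in pairs) / len(pairs)
    return {"accuracy": accuracy, "precision": precision, "recall": recall, "f1": f1}

# Constructed 2-D feature vectors: label 0 = benign (majority), 1 = banking malware.
X = [(0.0, 0.0), (0.2, 0.1), (0.0, 0.5), (0.3, 0.2),
     (1.0, 1.0), (1.1, 1.0), (2.0, 2.0), (2.1, 2.2)]
y = [0, 0, 0, 0, 0, 1, 1, 1]

if __name__ == "__main__":
    links = tomek_links(X, y)
    X_clean, y_clean = drop_majority(X, y, links)
    print("Tomek links:", links, "| samples kept:", len(X_clean))
    # Constructed predictions on an 8:2 test split: one of two malware samples is missed.
    print(scores([0] * 8 + [1] * 2, [0] * 8 + [1, 0]))
```

A classifier that labels every sample benign on the same 8:2 split still scores 0.8 accuracy with zero recall, which is the failure that the per-class metrics expose.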

Published
2025-03-31
How to Cite
Dauda, S., Ahmad, M. A., Aliyu, A. A., Ibrahim, M., Abdulkadir, S., Ahmed, A. M., Mukhtar, A. S., & Bello, S. (2025). COMBATTING BANKING MALWARE THREATS: EVALUATING THE EFFICACY OF HYBRID AND SINGLE-CLASSIFICATION ALGORITHMS. FUDMA JOURNAL OF SCIENCES, 9(3), 284 - 293. https://doi.org/10.33003/fjs-2025-0903-3235
