Tayyab Umm-E-Hani, Khan Faiza Babar, Khan Asifullah, Durad Muhammad Hanif, Khan Farrukh Aslam, Ali Aftab
Department of Computer & Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad, Pakistan.
Pattern Recognition Lab, Pakistan Institute of Engineering & Applied Sciences, Islamabad, Pakistan.
PeerJ Comput Sci. 2024 Dec 23;10:e2604. doi: 10.7717/peerj-cs.2604. eCollection 2024.
Effective malware detection is critical to safeguarding digital ecosystems from evolving cyber threats. However, the scarcity of labeled training data, particularly for cross-family malware detection, poses a significant challenge. This research proposes a novel architecture, ConvNet-6, for use in Siamese neural networks so that zero-shot learning can address the data-scarcity problem. The proposed malware detection model uses the ConvNet-6 architecture and works even with limited training samples: it is trained with just one labeled sample per sub-family. We conduct extensive experiments on a diverse dataset featuring Android and Portable Executable (PE) malware families. The model achieves 82% accuracy on the test dataset, demonstrating its ability to generalize and effectively detect previously unseen malware variants. Furthermore, we examine the model's transferability by testing it on a PE malware dataset despite training it solely on the Android dataset. Encouragingly, the performance remains consistent. Our results showcase the potential of deep convolutional neural networks (CNNs) in Siamese neural networks for applying zero-shot learning to detect cross-family malware, even with minimal labeled training data.
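The one-labeled-sample-per-sub-family regime described above reduces, at inference time, to nearest-reference matching in an embedding space. The following added example (not the paper's code) shows that decision logic with a stand-in byte-histogram `embed()` in place of the ConvNet-6 Siamese embedding, which is not given on this page; the reference set, threshold, and "unknown" label for families without a reference are assumptions of the example.

```python
"""One-shot family matching in a Siamese-style embedding space (added example).

`embed()` is a hypothetical stand-in for the paper's ConvNet-6 embedding: a
normalised byte histogram. The point shown is the matching protocol: one
labelled reference per sub-family, queries assigned to the nearest reference,
and a distance threshold so a family with no reference is flagged 'unknown'
rather than forced onto a wrong label.
"""
from __future__ import annotations
import numpy as np

def embed(sample: bytes) -> np.ndarray:
    """Stand-in embedding: byte-value histogram normalised to sum 1."""
    hist = np.bincount(np.frombuffer(sample, dtype=np.uint8), minlength=256).astype(float)
    return hist / max(hist.sum(), 1.0)

def build_support(references: dict[str, bytes]) -> dict[str, np.ndarray]:
    """Support set: exactly one labelled sample per sub-family."""
    return {family: embed(sample) for family, sample in references.items()}

def classify(support: dict[str, np.ndarray], query: bytes, threshold: float) -> tuple[str, float]:
    """Nearest reference by L2 distance; 'unknown' if none is within threshold."""
    q = embed(query)
    family, dist = min(((f, float(np.linalg.norm(q - ref))) for f, ref in support.items()),
                       key=lambda t: t[1])
    return (family if dist <= threshold else "unknown"), dist

def evaluate(support: dict[str, np.ndarray], queries: list[tuple[str, bytes]], threshold: float) -> float:
    """Accuracy over (true_family, sample) pairs; 'unknown' counts as a label."""
    correct = sum(classify(support, s, threshold)[0] == true for true, s in queries)
    return correct / len(queries)

# Constructed "binaries": each sub-family is marked by a dominant byte value.
rng = np.random.default_rng(0)
def synth(dominant: int, n: int = 4096) -> bytes:
    body = rng.integers(0, 256, n, dtype=np.uint8)
    body[: n // 2] = dominant      # half the bytes carry the family's marker value
    return body.tobytes()

REFERENCES = {"famA": synth(0x90), "famB": synth(0x00), "famC": synth(0xFF)}
QUERIES = [("famA", synth(0x90)), ("famB", synth(0x00)), ("famC", synth(0xFF)),
           ("unknown", synth(0x41))]  # no reference for this family -> 'unknown'
THRESHOLD = 0.2                       # same-family distance ~0.01, cross-family ~0.7

if __name__ == "__main__":
    print("accuracy:", evaluate(build_support(REFERENCES), QUERIES, THRESHOLD))
```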