3D Volumetric Malware Detection Using Morton Curves and Multi-Channel Semantic Features
Abstract
The increasing digitization of day-to-day operations across organizations, together with the promotion of BYOD and work-from-home initiatives, creates an ever-expanding threat vector: malware infection. The most widely adopted countermeasures are hash-based matching and reactive, behaviour-observing approaches to detecting malicious software. In this paper, we propose an experimental proactive malware detection model based on a 3D CNN. Unlike conventional 2D byte-visualization approaches that map binaries into planar representations, we construct a volumetric embedding of executable binaries using a locality-preserving mapping. We hypothesize that this 3D representation better preserves spatial adjacency within the byte stream and enables hierarchical feature extraction through volumetric convolution, potentially improving structural pattern learning. This approach has demonstrated strong performance in our experiments under a family- and distribution-disjoint held-out evaluation designed to assess generalization to unseen malware families. With our methodology, the best model achieves 88% accuracy with an 11% false negative rate on the held-out set. For comparison, a conventional random-split setting yields 99% accuracy with an ROC-AUC of 0.9971, highlighting the impact of distributional separation on evaluation. The model maintains an average inference time of 3.3 ms per sample, demonstrating its suitability for high-throughput detection of known threats.
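To make the locality-preserving mapping concrete, the following added example (not the authors' code) places a byte stream into a cube along a Morton (Z-order) curve and compares how an aligned run of bytes spreads under Morton and row-major layouts. The cube side, zero padding, truncation, all function names and the sample bytes are assumptions chosen for illustration.

```python
# Added illustration: Morton (Z-order) embedding of a byte stream into a cube.
# Cube side 2**bits, zero padding and truncation are assumptions, not the
# paper's settings; the multi-channel semantic features are not modelled here.

def morton_decode3(index, bits):
    """De-interleave a Morton code into (x, y, z), `bits` bits per axis."""
    x = y = z = 0
    for i in range(bits):
        x |= ((index >> (3 * i)) & 1) << i
        y |= ((index >> (3 * i + 1)) & 1) << i
        z |= ((index >> (3 * i + 2)) & 1) << i
    return x, y, z

def row_major_decode3(index, bits):
    """Plain raster layout, for comparison with the Morton layout."""
    side = 1 << bits
    return index % side, (index // side) % side, index // (side * side)

def bytes_to_volume(data, bits):
    """Return vol[z][y][x] holding one byte value per voxel along the curve."""
    side = 1 << bits
    capacity = side ** 3
    # Truncate long inputs and zero-pad short ones to fill the cube exactly.
    buf = data[:capacity].ljust(capacity, b"\x00")
    vol = [[[0] * side for _ in range(side)] for _ in range(side)]
    for i, value in enumerate(buf):
        x, y, z = morton_decode3(i, bits)
        vol[z][y][x] = value
    return vol

def block_extent(decode, start, length, bits):
    """Bounding-box size (dx, dy, dz) of bytes start..start+length-1."""
    pts = [decode(i, bits) for i in range(start, start + length)]
    return tuple(max(p[a] for p in pts) - min(p[a] for p in pts) + 1
                 for a in range(3))

# Constructed sample: a DOS-header-like prefix followed by filler, 64 bytes.
SAMPLE = b"MZ\x90\x00" + bytes(range(60))

if __name__ == "__main__":
    vol = bytes_to_volume(SAMPLE, bits=2)            # 4 x 4 x 4 cube
    print("first voxel:", hex(vol[0][0][0]))
    # An aligned run of 8 bytes is a compact 2x2x2 block under Morton order
    # but a flat 4x2x1 slab under row-major order.
    print("morton   :", block_extent(morton_decode3, 8, 8, 2))
    print("row-major:", block_extent(row_major_decode3, 8, 8, 2))
```

Each aligned run of 8 consecutive bytes fills one 2×2×2 block of the cube, so a small volumetric kernel covers a contiguous stretch of the file rather than bytes from distant offsets.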