A Fast Malicious Code Detection Method Based on Feature Fusion
Abstract: As the adversarial techniques used by malicious code have developed, attackers use packing, code obfuscation and similar techniques to produce large numbers of malicious code variants, which traditional malicious code detection methods have difficulty detecting effectively. Detection based on malicious code visualization has been shown to be a new method that can effectively identify malicious code and its variants. Current research focuses only on improving model classification accuracy and ignores the timeliness of malicious code detection. To address this, this paper proposes a fast malicious code detection method based on feature fusion. Using a deep neural network as its framework and following a modular design, the method combines multi-scale malicious code feature fusion with a channel attention mechanism to strengthen the expression of key features, and uses data augmentation to mitigate class imbalance in the dataset. Experiments show that the proposed method achieves high classification accuracy with a small number of parameters and high detection timeliness, and is superior to current malicious code detection techniques.
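Source: Acta Electronica Sinica (电子学报), 2023, 51(1): 57-66 [Core Library]
DOI: 10.12263/DZXB.20211701
Keywords: malicious code; deep neural network; feature fusion; channel attention mechanism; data augmentation technology; malicious code visualization
Address: Air and Missile Defense College, Air Force Engineering University, Xi'an, Shaanxi 710051
Language: Chinese
Document type: Research article
ISSN: 0372-2112
Subject: Automation technology, computer technology
Funding: National Natural Science Foundation of China
Accession number: CSCD:7419780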