| 基于卷积神经网络与多特征融合恶意代码分类方法 |
| |
| 引用本文: | 郑珏,欧毓毅. 基于卷积神经网络与多特征融合恶意代码分类方法[J]. 计算机应用研究, 2022, 39(1): 240-244. DOI: 10.19734/j.issn.1001-3695.2021.06.0258 |
| |
| 作者姓名: | 郑珏 欧毓毅 |
| |
| 作者单位: | 广东工业大学 计算机学院,广州510006 |
| |
| 基金项目: | 广州市科技计划资助项目(201902020007,202007010004)。 |
| |
| 摘 要: | 为了减小加壳、混淆技术对恶意代码分类的影响并提高准确率,提出一种基于卷积神经网络和多特征融合的恶意代码分类方法,以恶意代码灰度图像和带有API函数调用与操作码的混合序列为特征,设计基于卷积神经网络的多特征融合分类器。该分类器由图像组件、序列组件和融合组件构成,经训练后用于检测恶意代码类别。实验结果表明,相比目前已有的HYDRA、Orthrus等方法,该方法的分类准确率和宏F1值更高,表明该方法能减小加壳、混淆技术影响,更准确地分类恶意代码。
|
| 关 键 词: | 恶意代码 静态分析 深度学习 多特征融合 |
| 收稿时间: | 2021-06-24 |
| 修稿时间: | 2021-12-18 |
Malware classification method based on convolutional neural network and multi-feature fusion |
| |
| Zheng Jue and Ou Yuyi. Malware classification method based on convolutional neural network and multi-feature fusion[J]. Application Research of Computers, 2022, 39(1): 240-244. DOI: 10.19734/j.issn.1001-3695.2021.06.0258 |
| |
| Authors: | Zheng Jue and Ou Yuyi |
| |
| Affiliation: | (School of Computers,Guangdong University of Technology,Guangzhou 510006,China) |
| |
| Abstract: | In order to reduce the impact of pack and obfuscation on malware classification and improve the accuracy, this paper proposed a malware classification method based on convolutional neural network and multi-feature fusion. The classifier was based on convolutional neural network and it took grayscale image of malware and the mixed sequence with API function call and opcode as features. The classifier had three components: image component, sequence component and fusion component. After training, the classifier could detect malware categories. The experimental results show that this method has higher classification accuracy and macro-F1 than some existing methods such as HYDRA and Orthrus. This method can classify malware more accurately and reduce the impact of packing and obfuscation. |
| |
| Keywords: | malicious codes static analysis deep learning multi-feature fusion |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
