| 基于N-gram特征的恶意代码可视化方法 |
| |
| 引用本文: | 任卓君,陈光,卢文科. 基于N-gram特征的恶意代码可视化方法[J]. 电子学报, 2019, 47(10): 2108-2115. DOI: 10.3969/j.issn.0372-2112.2019.10.012 |
| |
| 作者姓名: | 任卓君 陈光 卢文科 |
| |
| 作者单位: | 东华大学信息科学与技术学院,上海,201620;东华大学信息科学与技术学院,上海,201620;东华大学信息科学与技术学院,上海,201620 |
| |
| 基金项目: | 国家自然科学基金;中央高校基本科研业务费专项资金 |
| |
| 摘 要: | 本文提出了两种基于N-gram特征的恶意代码可视化方法.方法一以空间填充曲线的形式表示,解决了灰度图方法不能定位字符信息进行交互分析的问题;方法二可视化恶意代码的2-gram特征,解决了重置代码段或增加冗余信息来改变全局图像特征的问题.经深度融合网络验证所提方法的识别与分类性能,取得了较优的结果.
|
| 关 键 词: | 恶意代码 可视化分析 空间填充曲线 卷积神经网络 迁移学习 |
| 收稿时间: | 2018-05-04 |
Malware Visualization Methods Based on N-gram Features |
| |
| REN Zhuo-jun,CHEN Guang,LU Wen-ke. Malware Visualization Methods Based on N-gram Features[J]. Acta Electronica Sinica, 2019, 47(10): 2108-2115. DOI: 10.3969/j.issn.0372-2112.2019.10.012 |
| |
| Authors: | REN Zhuo-jun CHEN Guang LU Wen-ke |
| |
| Affiliation: | College of Information Science and Technology, Donghua University, Shanghai 201620, China |
| |
| Abstract: | We proposed two new methods for visualization analysis based on N-gram features of malware.Method 1 uses space filling curves to solve the problem that the existing grayscale method cannot locate character information for interactive analysis.Method 2 visualizes the bi-gram features of malware to solve the problem that the attackers may relocate code sections or add redundant data to change the global image features of the visualized results.We designed the deep fusion networks to validate the detection and classification performances of the proposed methods,and the experimental results are very promising. |
| |
| Keywords: | malware visualization analysis space filling curves convolution neural networks transfer learning |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载免费的PDF全文 |
